{"version":"https://jsonfeed.org/version/1","title":"Security Conversations","home_page_url":"http://securityconversations.fireside.fm","feed_url":"http://securityconversations.fireside.fm/json","description":"Security Conversations is a series of podcasts covering threat intelligence and the business of cybersecurity, from the lens of veteran journalist and storyteller Ryan Naraine. The Three Buddy Problem show features conversations and debates on nation-state APTs, cyberespionage, spy tradecraft, cryptocurrency theft, advancements in offensive research and targeted malware espionage activity. \r\n\r\nConnect with Ryan on Twitter (Open DMs).","_fireside":{"subtitle":"Home of the Three Buddy Problem","pubdate":"2025-01-17T12:30:00.000-07:00","explicit":false,"copyright":"2025 by The Naraine Group","owner":"Ryan Naraine","image":"https://media24.fireside.fm/file/fireside-images-2024/podcasts/images/5/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/cover.jpg?v=14"},"items":[{"id":"f31e117e-f570-453a-862f-604a0314c90b","title":"Inside the PlugX malware removal operation, CISA takes victory lap and another Fortinet 0day","url":"https://securityconversations.fireside.fm/cisa-victory-lap-plugx-removal-tiktok-ban","content_text":"Three Buddy Problem - Episode 30: We discuss French threat-intel Sekoia creating a portal to handle “sovereign disinfections” of the PlugX malware, CISA leadership taking a victory lap using the ‘Secure by Design’ pledge as a trophy, the new Biden cybersecurity Executive Order, another Fortinet zero-day, the TikTok ban and Ukrainian hackers targeting Russian companies. \n\nCast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.Links:Transcript (unedited, AI-generated)Court-Authorized Operation Removes PlugX Malware from Over 4,200 Infected U.S. 
ComputersPlugX removal affidavitSekoia -- PlugX worm disinfection campaignJen Easterly: Building a secure by Design ecosystem Trump zeroes in on Sean Plankey to lead CISASean Plankey bioBiden cybersecurity executive orderBiden executive order aims to shore up US cyber defensesGravy Analytics accused of negligence over location data breachTracking the mobile trackers (Costin Raiu) - YouTubeRussia's largest platform for state procurement hit by cyberattack from pro-Ukraine groupNew Star Blizzard spear-phishing campaign targets WhatsApp accountsUK proposes ransomware payment banFortinet authentication bypass zero-day Fortinet: Deep dive into a Linux rootkit malwareBernardo Quintero's new book on VirusTotal (Spanish-language)","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 30\u003c/strong\u003e: We discuss French threat-intel Sekoia creating a portal to handle “sovereign disinfections” of the PlugX malware, CISA leadership taking a victory lap using the ‘Secure by Design’ pledge as a trophy, the new Biden cybersecurity Executive Order, another Fortinet zero-day, the TikTok ban and Ukrainian hackers targeting Russian companies. \u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e, \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1HS3gbpFtueD9eaOkBNbgS5Hg-x7SNSKudF9gx84_qMU/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Court-Authorized Operation Removes PlugX Malware from Over 4,200 Infected U.S. 
Computers\" rel=\"nofollow\" href=\"https://www.justice.gov/opa/pr/justice-department-and-fbi-conduct-international-operation-delete-malware-used-china-backed\"\u003eCourt-Authorized Operation Removes PlugX Malware from Over 4,200 Infected U.S. Computers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"PlugX removal affidavit\" rel=\"nofollow\" href=\"https://www.justice.gov/opa/media/1384136/dl\"\u003ePlugX removal affidavit\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sekoia -- PlugX worm disinfection campaign\" rel=\"nofollow\" href=\"https://blog.sekoia.io/plugx-worm-disinfection-campaign-feedbacks/\"\u003eSekoia -- PlugX worm disinfection campaign\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jen Easterly: Building a secure by Design ecosystem \" rel=\"nofollow\" href=\"https://www.cisa.gov/news-events/news/building-secure-design-ecosystem\"\u003eJen Easterly: Building a secure by Design ecosystem \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Trump zeroes in on Sean Plankey to lead CISA\" rel=\"nofollow\" href=\"https://www.politico.com/live-updates/2025/01/15/congress/sean-plankey-likely-to-lead-u-s-cyber-agency-00198382\"\u003eTrump zeroes in on Sean Plankey to lead CISA\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sean Plankey bio\" rel=\"nofollow\" href=\"https://www.sans.org/profiles/sean-plankey/\"\u003eSean Plankey bio\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Biden cybersecurity executive order\" rel=\"nofollow\" href=\"https://www.whitehouse.gov/briefing-room/presidential-actions/2025/01/16/executive-order-on-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/\"\u003eBiden cybersecurity executive order\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Biden executive order aims to shore up US cyber defenses\" rel=\"nofollow\" 
href=\"https://apnews.com/article/cybersecurity-biden-trump-china-russia-ai-quantum-3fc53784ad9d1c05d7de85224a762a36\"\u003eBiden executive order aims to shore up US cyber defenses\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Gravy Analytics accused of negligence over location data breach\" rel=\"nofollow\" href=\"https://news.bloomberglaw.com/privacy-and-data-security/gravy-analytics-accused-of-negligence-over-location-data-breach\"\u003eGravy Analytics accused of negligence over location data breach\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tracking the mobile trackers (Costin Raiu) - YouTube\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=EG6sZA1N8NU\u0026amp;ab_channel=OPCDE\"\u003eTracking the mobile trackers (Costin Raiu) - YouTube\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russia\u0026#39;s largest platform for state procurement hit by cyberattack from pro-Ukraine group\" rel=\"nofollow\" href=\"https://therecord.media/russian-platform-for-state-procurement-hit-cyberattack\"\u003eRussia\u0026#39;s largest platform for state procurement hit by cyberattack from pro-Ukraine group\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"New Star Blizzard spear-phishing campaign targets WhatsApp accounts\" rel=\"nofollow\" href=\"https://www.microsoft.com/en-us/security/blog/2025/01/16/new-star-blizzard-spear-phishing-campaign-targets-whatsapp-accounts/\"\u003eNew Star Blizzard spear-phishing campaign targets WhatsApp accounts\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"UK proposes ransomware payment ban\" rel=\"nofollow\" href=\"https://www.gov.uk/government/news/world-leading-proposals-to-protect-businesses-from-cybercrime\"\u003eUK proposes ransomware payment ban\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fortinet authentication bypass zero-day \" rel=\"nofollow\" href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-535\"\u003eFortinet authentication bypass zero-day 
\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fortinet: Deep dive into a Linux rootkit malware\" rel=\"nofollow\" href=\"https://www.fortinet.com/blog/threat-research/deep-dive-into-a-linux-rootkit-malware\"\u003eFortinet: Deep dive into a Linux rootkit malware\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bernardo Quintero\u0026#39;s new book on VirusTotal (Spanish-language)\" rel=\"nofollow\" href=\"https://www.amazon.com/Infectado-Spectrum-emprendedor-accidental-Spanish/dp/8409666227/ref=sr_1_1?crid=27KFPUV4ECRH7\u0026amp;dib=eyJ2IjoiMSJ9.RtftyW4qSxl2Q07QPDYz0JgOYLm_jlK0D5e4quXsVNSmjtQQ8abhBlRIA-Nf7U52lLy4zw2gX2NTgPAbcbW6n4rBuiAXNmN3-GgGABAjMjDXf_3a6-W0W9zIyiKdEYRWl2rlphl_tl5MwyE5wHHlBouzn8aE8_GS_Lk478PIl5G-bFxbGPG9Gd8OAzKjHaxqUbf7P4jpSzKvIsumlR5eaI3rVPfdcdYXyLaGM_LpxGk.B0D0HYHfmenDvtslyNwXiMtNFrsxLEiihfv4twDd4t8\u0026amp;dib_tag=se\u0026amp;keywords=bernardo+quintero\u0026amp;qid=1737143167\u0026amp;sprefix=%2Caps%2C143\u0026amp;sr=8-1\"\u003eBernardo Quintero\u0026#39;s new book on VirusTotal (Spanish-language)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 30: We discuss French threat-intel Sekoia creating a portal to handle “sovereign disinfections” of the PlugX malware, CISA leadership taking a victory lap using the ‘Secure by Design’ pledge as a trophy, the new Biden cybersecurity Executive Order, another Fortinet zero-day, the TikTok ban and Ukrainian hackers targeting Russian companies. 
\r\n\r\nCast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade","date_published":"2025-01-17T12:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/f31e117e-f570-453a-862f-604a0314c90b.mp3","mime_type":"audio/mpeg","size_in_bytes":95741011,"duration_in_seconds":7192}]},{"id":"84744251-fc7f-4c4c-bee0-e328e8ae3c02","title":"Hijacking .gov backdoors, Ivanti 0days and a Samsung 0-click vuln","url":"https://securityconversations.fireside.fm/ivanti-zero-day-samsung-zero-click-china-blame","content_text":"Three Buddy Problem - Episode 29: Another day, another Ivanti zero-day being exploited in the wild. Plus, China's strange response to Volt Typhoon attribution, Japan blames China for hacks, a Samsung 0-click vulnerability found by Project Zero, Kim Zetter's reporting on drone sightings and a nuclear scare. Plus, hijacking abandoned .gov backdoors and Ukrainian hacktivists wiping a major Russian ISP.\n\nCast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.Links:Transcript (unedited, AI-generated)Ivanti Connect Secure zero-day advisoryMandiant report on new Ivanti zero-dayChina Daily responds to Volt Typhoon attributionJapan warns about Chinese 'MirrorFace' attacksWho is MirrorFace?Natalie Silvanovich on new Samsung 0-clickKim Zetter: Anatomy of a Nuclear ScareBackdooring .gov backdoors via $20 domainsAPT32 poisoning GitHub, targeting Chinese security prosUkraine wipes Russian ISPRussian internet provider confirms network ‘destroyed’ by Ukrainian hackersMullvad: Quantum-resistant tunnels on desktop VPNFundraiser for Marc RogersCNN: Amit Yoran has died at 54 ","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 29\u003c/strong\u003e: Another day, another Ivanti zero-day being exploited in the wild. 
Plus, China\u0026#39;s strange response to Volt Typhoon attribution, Japan blames China for hacks, a Samsung 0-click vulnerability found by Project Zero, Kim Zetter\u0026#39;s reporting on drone sightings and a nuclear scare. Plus, hijacking abandoned .gov backdoors and Ukrainian hacktivists wiping a major Russian ISP.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e, \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1v4WDMg3bTW_lQ0cYU7LBrlLND9eVBt-wkpw4tLJI3f4/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ivanti Connect Secure zero-day advisory\" rel=\"nofollow\" href=\"https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US\"\u003eIvanti Connect Secure zero-day advisory\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mandiant report on new Ivanti zero-day\" rel=\"nofollow\" href=\"https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day/\"\u003eMandiant report on new Ivanti zero-day\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"China Daily responds to Volt Typhoon attribution\" rel=\"nofollow\" href=\"https://x.com/chinadaily/status/1876581637762457694?s=46\u0026amp;t=NxSQbkIl4wl2Ei8yYr-9IQ\"\u003eChina Daily responds to Volt Typhoon attribution\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Japan warns about Chinese \u0026#39;MirrorFace\u0026#39; attacks\" rel=\"nofollow\" 
href=\"https://www.npa.go.jp/bureau/cyber/koho/caution/caution20250108.html\"\u003eJapan warns about Chinese \u0026#39;MirrorFace\u0026#39; attacks\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Who is MirrorFace?\" rel=\"nofollow\" href=\"https://malpedia.caad.fkie.fraunhofer.de/actor/mirrorface\"\u003eWho is MirrorFace?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Natalie Silvanovich on new Samsung 0-click\" rel=\"nofollow\" href=\"https://x.com/natashenka/status/1877507134474109437\"\u003eNatalie Silvanovich on new Samsung 0-click\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kim Zetter: Anatomy of a Nuclear Scare\" rel=\"nofollow\" href=\"https://www.zetter-zeroday.com/anatomy-of-a-nuclear-scare/\"\u003eKim Zetter: Anatomy of a Nuclear Scare\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Backdooring .gov backdoors via $20 domains\" rel=\"nofollow\" href=\"https://labs.watchtowr.com/more-governments-backdoors-in-your-backdoors/\"\u003eBackdooring .gov backdoors via $20 domains\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"APT32 poisoning GitHub, targeting Chinese security pros\" rel=\"nofollow\" href=\"https://threatbook.io/blog/APT32-Poisoning-GitHub,-Targeting-Chinese-Cybersecurity-Professionals-and-Specific-Large-Enterprises\"\u003eAPT32 poisoning GitHub, targeting Chinese security pros\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ukraine wipes Russian ISP\" rel=\"nofollow\" href=\"https://vk.com/wall-7622_825\"\u003eUkraine wipes Russian ISP\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russian internet provider confirms network ‘destroyed’ by Ukrainian hackers\" rel=\"nofollow\" href=\"https://therecord.media/russian-internet-provider-says-network-destroyed-cyberattack\"\u003eRussian internet provider confirms network ‘destroyed’ by Ukrainian hackers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mullvad: Quantum-resistant tunnels on desktop VPN\" rel=\"nofollow\" 
href=\"https://mullvad.net/en/blog/quantum-resistant-tunnels-are-now-the-default-on-desktop\"\u003eMullvad: Quantum-resistant tunnels on desktop VPN\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fundraiser for Marc Rogers\" rel=\"nofollow\" href=\"https://www.gofundme.com/f/support-marc-rogers-road-to-recovery\"\u003eFundraiser for Marc Rogers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CNN: Amit Yoran has died at 54 \" rel=\"nofollow\" href=\"https://www.cnn.com/2025/01/04/business/amit-yoran-dies-tenable-ceo/index.html\"\u003eCNN: Amit Yoran has died at 54 \u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 29: Another day, another Ivanti zero-day being exploited in the wild. Plus, China's strange response to Volt Typhoon attribution, Japan blames China for hacks, a Samsung 0-click vulnerability found by Project Zero, Kim Zetter's reporting on drone sightings and a nuclear scare. Plus, hijacking abandoned .gov backdoors and Ukrainian hacktivists wiping a major Russian ISP.\r\n\r\nCast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade","date_published":"2025-01-10T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/84744251-fc7f-4c4c-bee0-e328e8ae3c02.mp3","mime_type":"audio/mpeg","size_in_bytes":91922860,"duration_in_seconds":6501}]},{"id":"2702a1ec-2c6e-4d8c-902a-5f462b1a93be","title":"US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess","url":"https://securityconversations.fireside.fm/fixing-threat-actor-naming-mess","content_text":"Three Buddy Problem - Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives. 
\n\nPlus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information on the Cyberhaven Chrome extension security incident.\n\nCast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.Links:Transcript (unedited, AI-generated)BeyondTrust statement on hack investigationU.S. Treasury says it was hacked by China-backed actorsAnother Palo Alto 0day exploited in the wildUS telcos say they've evicted Salt Typhoon Chinese hackersGoogle: What is BeyondCorp?Introducing the MISP Threat Actor Naming StandardMISP: Recommendations on Naming Threat ActorsNew variant of the CIA HIVE attack kitXdr33 Variant Of CIA's HIVE Attack Kit EmergesSavvy Seahorse connection to Cyberhaven incidentUS sanctions China's Integrity Technology over Flax Typhoon hacksOperation AuroraAPT1 Exposing One of China’s Cyber Espionage Units","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 28\u003c/strong\u003e: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives. 
\u003c/p\u003e\n\n\u003cp\u003ePlus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information on the Cyberhaven Chrome extension security incident.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e, \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1Fozuh0j1k3EiKJr8mSxP__6O6dQ3iLgAxeEq8f9GKxI/edit?tab=t.0#heading=h.1u39inyn4ent\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BeyondTrust statement on hack investigation\" rel=\"nofollow\" href=\"https://www.beyondtrust.com/remote-support-saas-service-security-investigation\"\u003eBeyondTrust statement on hack investigation\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"U.S. Treasury says it was hacked by China-backed actors\" rel=\"nofollow\" href=\"https://archive.ph/0ELY2\"\u003eU.S. 
Treasury says it was hacked by China-backed actors\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Another Palo Alto 0day exploited in the wild\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/CVE-2024-3393\"\u003eAnother Palo Alto 0day exploited in the wild\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"US telcos say they\u0026#39;ve evicted Salt Typhoon Chinese hackers\" rel=\"nofollow\" href=\"https://www.reuters.com/technology/cybersecurity/chinese-salt-typhoon-cyberespionage-targets-att-networks-secure-carrier-says-2024-12-29/\"\u003eUS telcos say they\u0026#39;ve evicted Salt Typhoon Chinese hackers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google: What is BeyondCorp?\" rel=\"nofollow\" href=\"https://cloud.google.com/beyondcorp\"\u003eGoogle: What is BeyondCorp?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introducing the MISP Threat Actor Naming Standard\" rel=\"nofollow\" href=\"https://www.misp-standard.org/blog/Naming-Threat-Actor/\"\u003eIntroducing the MISP Threat Actor Naming Standard\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"MISP: Recommendations on Naming Threat Actors\" rel=\"nofollow\" href=\"https://www.misp-standard.org/rfc/threat-actor-naming.html\"\u003eMISP: Recommendations on Naming Threat Actors\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"New variant of the CIA HIVE attack kit\" rel=\"nofollow\" href=\"https://x.com/nextronresearch/status/1874690494930014703\"\u003eNew variant of the CIA HIVE attack kit\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Xdr33 Variant Of CIA\u0026#39;s HIVE Attack Kit Emerges\" rel=\"nofollow\" href=\"https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges/\"\u003eXdr33 Variant Of CIA\u0026#39;s HIVE Attack Kit Emerges\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Savvy Seahorse connection to Cyberhaven incident\" rel=\"nofollow\" 
href=\"https://blogs.infoblox.com/threat-intelligence/beware-the-shallow-waters-savvy-seahorse-lures-victims-to-fake-investment-platforms-through-facebook-ads/\"\u003eSavvy Seahorse connection to Cyberhaven incident\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"US sanctions China\u0026#39;s Integrity Technology over Flax Typhoon hacks\" rel=\"nofollow\" href=\"https://www.reuters.com/technology/cybersecurity/us-issues-cybersecurity-sanctions-against-chinas-integrity-technology-2025-01-03/\"\u003eUS sanctions China\u0026#39;s Integrity Technology over Flax Typhoon hacks\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Operation Aurora\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Operation_Aurora\"\u003eOperation Aurora\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"APT1 Exposing One of China’s Cyber Espionage Units\" rel=\"nofollow\" href=\"https://www.mandiant.com/sites/default/files/2021-09/mandiant-apt1-report.pdf\"\u003eAPT1 Exposing One of China’s Cyber Espionage Units\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives. 
\r\n\r\nPlus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information on the Cyberhaven Chrome extension security incident.\r\n\r\nCast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade","date_published":"2025-01-03T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/2702a1ec-2c6e-4d8c-902a-5f462b1a93be.mp3","mime_type":"audio/mpeg","size_in_bytes":88069225,"duration_in_seconds":6556}]},{"id":"55fe71f1-b9b4-4a31-8a0b-8f6a8d59b903","title":"Palo Alto network edge device backdoor, Cyberhaven browser extension hack, 2024 research highlights","url":"https://securityconversations.fireside.fm/palo-alto-backdoor-cyberhaven-hack-year-review","content_text":"Three Buddy Problem - Episode 27: We discuss the discovery of a Palo Alto network firewall attack and a stealthy network edge device backdoor (LITTLELAMB.WOOLTEA), the Cyberhaven hack and the shady world of browser extensions, and a look back at the top research projects that caught our attention in 2025.\n\nCast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.Links:Transcript (unedited, AI-generated)LITTLELAMB.WOOLTEA: Stealthy Network Edge Device Backdoor Palo Alto: Operation Lunar PeekInvestigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts“A Digital Prison”: Surveillance and the suppression of civil society in SerbiaCyberhaven breach reported. 
Employee phished and pushed malicious chrome extensionGRU 29155 doing cyber operationsHow a Group of Israel-Linked Hackers Has Pushed the Limits of Cyberwar Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-DaysOperation MiddleFloor: Unmasking the Disinformation Campaign Targeting Moldova's National ElectionsNSPX30: A sophisticated AitM-enabled implant evolving since 2005backdoor in upstream xz/liblzma leading to ssh server compromisePKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI EcosystemThe Tech Coup - How to Save Democracy from Silicon Valley","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 27\u003c/strong\u003e: We discuss the discovery of a Palo Alto network firewall attack and a stealthy network edge device backdoor (LITTLELAMB.WOOLTEA), the Cyberhaven hack and the shady world of browser extensions, and a look back at the top research projects that caught our attention in 2025.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e, \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1321LDAuU5PosOnXODrFvvXAx8TiTXr1kbtQZE1PhhLw/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LITTLELAMB.WOOLTEA: Stealthy Network Edge Device Backdoor \" rel=\"nofollow\" href=\"https://northwave-cybersecurity.com/hubfs/LITTLELAMB%20WOOLTEA%20technical%20writeup%20Schrijver%20and%20Oudenaarden.pdf\"\u003eLITTLELAMB.WOOLTEA: Stealthy Network Edge Device Backdoor 
\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Palo Alto: Operation Lunar Peek\" rel=\"nofollow\" href=\"https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/\"\u003ePalo Alto: Operation Lunar Peek\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts\" rel=\"nofollow\" href=\"https://cloud.google.com/blog/topics/threat-intelligence/investigating-ivanti-exploitation-persistence/\"\u003eInvestigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"“A Digital Prison”: Surveillance and the suppression of civil society in Serbia\" rel=\"nofollow\" href=\"https://securitylab.amnesty.org/latest/2024/12/a-digital-prison-surveillance-and-the-suppression-of-civil-society-in-serbia/\"\u003e“A Digital Prison”: Surveillance and the suppression of civil society in Serbia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cyberhaven breach reported. Employee phished and pushed malicious chrome extension\" rel=\"nofollow\" href=\"https://x.com/cstanley/status/1872365853318225931\"\u003eCyberhaven breach reported. 
Employee phished and pushed malicious chrome extension\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"GRU 29155 doing cyber operations\" rel=\"nofollow\" href=\"https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a\"\u003eGRU 29155 doing cyber operations\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How a Group of Israel-Linked Hackers Has Pushed the Limits of Cyberwar \" rel=\"nofollow\" href=\"https://www.wired.com/story/predatory-sparrow-cyberattack-timeline/\"\u003eHow a Group of Israel-Linked Hackers Has Pushed the Limits of Cyberwar \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days\" rel=\"nofollow\" href=\"https://www.securityweek.com/sophos-used-custom-implants-to-surveil-chinese-hackers-targeting-firewall-zero-days/\"\u003eSophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Operation MiddleFloor: Unmasking the Disinformation Campaign Targeting Moldova\u0026#39;s National Elections\" rel=\"nofollow\" href=\"https://blog.checkpoint.com/research/operation-middlefloor-unmasking-the-disinformation-campaign-targeting-moldovas-national-elections/\"\u003eOperation MiddleFloor: Unmasking the Disinformation Campaign Targeting Moldova\u0026#39;s National Elections\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NSPX30: A sophisticated AitM-enabled implant evolving since 2005\" rel=\"nofollow\" href=\"https://www.welivesecurity.com/en/eset-research/nspx30-sophisticated-aitm-enabled-implant-evolving-since-2005/\"\u003eNSPX30: A sophisticated AitM-enabled implant evolving since 2005\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"backdoor in upstream xz/liblzma leading to ssh server compromise\" rel=\"nofollow\" href=\"https://seclists.org/oss-sec/2024/q1/268\"\u003ebackdoor in upstream xz/liblzma leading to ssh server 
compromise\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem\" rel=\"nofollow\" href=\"https://www.binarly.io/blog/pkfail-untrusted-platform-keys-undermine-secure-boot-on-uefi-ecosystem\"\u003ePKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Tech Coup - How to Save Democracy from Silicon Valley\" rel=\"nofollow\" href=\"https://press.princeton.edu/books/hardcover/9780691241173/the-tech-coup?srsltid=AfmBOoq7pNBk27MtRxluxXHgYpx1hk2misTivpgZBRfkrplbw9t3q81i\"\u003eThe Tech Coup - How to Save Democracy from Silicon Valley\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 27: We discuss the discovery of a Palo Alto network firewall attack and a stealthy network edge device backdoor (LITTLELAMB.WOOLTEA), the Cyberhaven hack and the shady world of browser extensions, and a look back at the top research projects that caught our attention in 2025.\r\n\r\nCast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade","date_published":"2024-12-27T11:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/55fe71f1-b9b4-4a31-8a0b-8f6a8d59b903.mp3","mime_type":"audio/mpeg","size_in_bytes":91383420,"duration_in_seconds":6791}]},{"id":"4e8b8384-f9ae-4e42-87fe-d72ab006ab10","title":"US government's VPN advice, dropping bombs on ransomware gangs","url":"https://securityconversations.fireside.fm/cisa-vpn-advice-tp-link-cellebrite-novispy","content_text":"Three Buddy Problem - Episode 26: We dive deep into the shadowy world of surveillance and cyber operations, unpacking Amnesty International's explosive report on NoviSpy, a previously unknown Android implant used against Serbian activists, and the links to Israeli forensics software vendor Cellebrite.\n\nPlus, thoughts on the US government’s controversial guidance on VPNs, 
Chinese reports on US intel agency hacking, TP-Link sanctions chatter, Mossad's dramatic exploding beeper operation and the ethical, legal, and security implications of escalating cyber-deterrence. Also, a mysterious BeyondTrust 0-day!\n\nCast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.Links:Transcript (unedited, AI-generated)Surveillance and the suppression of civil society in SerbiaCISA: VPN and mobile device security guidanceCostin Raiu: Staying safe from Pegasus, Chrysaor and other APT mobile malware (2024 update)\r\nBitsight: The Aftermath of the Kaspersky BanUS Probes China-Founded Router Maker TP-LinkRob Joyce: Move away from TP-LinkChina report on US intelligence corporate hackingForeign hackers need to face real consequencesIsrael's Mossad spent years orchestrating Hezbollah pager plotBeyondTrust 0daySophos Firewall CVSS 9.8 bulletin","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 26\u003c/strong\u003e: We dive deep into the shadowy world of surveillance and cyber operations, unpacking Amnesty International\u0026#39;s explosive report on NoviSpy, a previously unknown Android implant used against Serbian activists, and the links to Israeli forensics software vendor Cellebrite.\u003c/p\u003e\n\n\u003cp\u003ePlus, thoughts on the US government’s controversial guidance on VPNs, Chinese reports on US intel agency hacking, TP-Link sanctions chatter, Mossad\u0026#39;s dramatic exploding beeper operation and the ethical, legal, and security implications of escalating cyber-deterrence. 
Also, a mysterious BeyondTrust 0-day!\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e, \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1v_-VcFPFydOVKG42d5hAO5MPx50HNR10l95h8Gh12WA/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Surveillance and the suppression of civil society in Serbia\" rel=\"nofollow\" href=\"https://www.amnesty.org/en/documents/eur70/8813/2024/en/\"\u003eSurveillance and the suppression of civil society in Serbia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CISA: VPN and mobile device security guidance\" rel=\"nofollow\" href=\"https://www.cisa.gov/sites/default/files/2024-12/guidance-mobile-communications-best-practices.pdf\"\u003eCISA: VPN and mobile device security guidance\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Costin Raiu: Staying safe from Pegasus, Chrysaor and other APT mobile malware (2024 update)\" rel=\"nofollow\" href=\"https://medium.com/@costin.raiu/staying-safe-from-pegasus-chrysaor-and-other-apt-mobile-malware-a923b56d645f\"\u003eCostin Raiu: Staying safe from Pegasus, Chrysaor and other APT mobile malware (2024 update)\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bitsight: The Aftermath of the Kaspersky Ban\" rel=\"nofollow\" href=\"https://www.bitsight.com/blog/aftermath-kaspersky-ban\"\u003eBitsight: The Aftermath of the Kaspersky Ban\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"US Probes China-Founded Router Maker TP-Link\" 
rel=\"nofollow\" href=\"https://archive.ph/tzycz\"\u003eUS Probes China-Founded Router Maker TP-Link\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Rob Joyce: Move away from TP-Link\" rel=\"nofollow\" href=\"https://bsky.app/profile/rgblights.bsky.social/post/3ldlr2lrfe22y\"\u003eRob Joyce: Move away from TP-Link\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"China report on US intelligence corporate hacking\" rel=\"nofollow\" href=\"https://www.cert.org.cn/publish/main/8/2024/20241218184234131217571/20241218184234131217571_.html\"\u003eChina report on US intelligence corporate hacking\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Foreign hackers need to face real consequences\" rel=\"nofollow\" href=\"https://www.politico.com/news/2024/12/15/mike-waltz-hacking-foreign-penalties-00194415\"\u003eForeign hackers need to face real consequences\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Israel\u0026#39;s Mossad spent years orchestrating Hezbollah pager plot\" rel=\"nofollow\" href=\"https://www.cbsnews.com/news/israeli-mossad-pager-walkie-talkie-hezbollah-plot-60-minutes/\"\u003eIsrael\u0026#39;s Mossad spent years orchestrating Hezbollah pager plot\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BeyondTrust 0day\" rel=\"nofollow\" href=\"https://www.beyondtrust.com/remote-support-saas-service-security-investigation\"\u003eBeyondTrust 0day\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sophos Firewall CVSS 9.8 bulletin\" rel=\"nofollow\" href=\"https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce\"\u003eSophos Firewall CVSS 9.8 bulletin\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 26: We dive deep into the shadowy world of surveillance and cyber operations, unpacking Amnesty International's explosive report on NoviSpy, a previously unknown Android implant used against Serbian activists, and the links to Israeli forensics software vendor 
Cellebrite.\r\n\r\nPlus, thoughts on the US government’s controversial guidance on VPNs, Chinese reports on US intel agency hacking, TP-Link sanctions chatter, Mossad's dramatic exploding beeper operation and the ethical, legal, and security implications of escalating cyber-deterrence. Also, a mysterious BeyondTrust 0-day!\r\n\r\nCast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.","date_published":"2024-12-23T12:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/4e8b8384-f9ae-4e42-87fe-d72ab006ab10.mp3","mime_type":"audio/mpeg","size_in_bytes":97305809,"duration_in_seconds":7120}]},{"id":"1d7c6464-bcb3-4362-a308-5d0f46d2581a","title":"Surveillance economics, Turla and Careto, and the AI screenshots nobody asked for","url":"https://securityconversations.fireside.fm/apple-microsoft-ai-screenshots-nobody-asked-for","content_text":"Three Buddy Problem - Episode 25: An update on Romania’s cancelled election, the implications of TikTok on democratic processes, and the broader issues around surveillance capitalism and micro-targeting. \n\nPlus, news on Turla piggybacking on cybercriminal malware to hit Ukraine, the return of Careto and the absence of IOCs, Claroty report on an Iran-linked cyberweapon targeting critical infrastructure, ethical considerations in cyberwarfare, and the implications of quantum computing on security and cryptocurrencies. 
\n\nCast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.Links:Transcript (unedited, AI-generated)Turla using tools of other groups to attack Ukraine (Microsoft)EpicTurla.com: The lost reportsMicrosoft Recall screenshots credit cards and SSNsStephan Casas: macOS applications quietly capturing screenshotsCVE-2024-49138 - MS 0day exploited in the wildSanctions hit Chinese company behind Sophos 0day attackSentinelLabs: Operation Digital EyeCareto APT’s recent attacks discoveredClaroty: Inside a New OT/IoT cyberweaponPredatory Sparrow: cyber sabotage with a conscience?Willow, Google's state-of-the-art quantum chipWhat sucks in security? Research findings from 50+ security leaders","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 25\u003c/strong\u003e: An update on Romania’s cancelled election, the implications of TikTok on democratic processes, and the broader issues around surveillance capitalism and micro-targeting. \u003c/p\u003e\n\n\u003cp\u003ePlus, news on Turla piggybacking on cybercriminal malware to hit Ukraine, the return of Careto and the absence of IOCs, Claroty report on an Iran-linked cyberweapon targeting critical infrastructure, ethical considerations in cyberwarfare, and the implications of quantum computing on security and cryptocurrencies. 
\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e, \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1iSaLwiCLiTifTLfiM0oQYIl_mBZBswfgVXOAsT8GY1g/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Turla using tools of other groups to attack Ukraine (Microsoft)\" rel=\"nofollow\" href=\"https://www.microsoft.com/en-us/security/blog/2024/12/11/frequent-freeloader-part-ii-russian-actor-secret-blizzard-using-tools-of-other-groups-to-attack-ukraine/\"\u003eTurla using tools of other groups to attack Ukraine (Microsoft)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"EpicTurla.com: The lost reports\" rel=\"nofollow\" href=\"https://www.epicturla.com/\"\u003eEpicTurla.com: The lost reports\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Recall screenshots credit cards and SSNs\" rel=\"nofollow\" href=\"https://www.tomshardware.com/software/windows/microsoft-recall-screenshots-credit-cards-and-social-security-numbers-even-with-the-sensitive-information-filter-enabled\"\u003eMicrosoft Recall screenshots credit cards and SSNs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Stephan Casas: macOS applications quietly capturing screenshots\" rel=\"nofollow\" href=\"https://x.com/stephancasas/status/1867147973479805058?s=46\u0026amp;t=ePKy91eN-ionB9LpDaBXcA\"\u003eStephan Casas: macOS applications quietly capturing screenshots\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CVE-2024-49138 - MS 0day 
exploited in the wild\" rel=\"nofollow\" href=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49138\"\u003eCVE-2024-49138 - MS 0day exploited in the wild\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sanctions hit Chinese company behind Sophos 0day attack\" rel=\"nofollow\" href=\"https://home.treasury.gov/news/press-releases/jy2742\"\u003eSanctions hit Chinese company behind Sophos 0day attack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SentinelLabs: Operation Digital Eye\" rel=\"nofollow\" href=\"https://www.sentinelone.com/labs/operation-digital-eye-chinese-apt-compromises-critical-digital-infrastructure-via-visual-studio-code-tunnels/\"\u003eSentinelLabs: Operation Digital Eye\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Careto APT’s recent attacks discovered\" rel=\"nofollow\" href=\"https://securelist.com/careto-is-back/114942/\"\u003eCareto APT’s recent attacks discovered\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Claroty: Inside a New OT/IoT cyberweapon\" rel=\"nofollow\" href=\"https://claroty.com/team82/research/inside-a-new-ot-iot-cyber-weapon-iocontrol\"\u003eClaroty: Inside a New OT/IoT cyberweapon\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Predatory Sparrow: cyber sabotage with a conscience?\" rel=\"nofollow\" href=\"https://bindinghook.com/articles-binding-edge/predatory-sparrow-cyber-sabotage-with-a-conscience/\"\u003ePredatory Sparrow: cyber sabotage with a conscience?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Willow, Google\u0026#39;s state-of-the-art quantum chip\" rel=\"nofollow\" href=\"https://blog.google/technology/research/google-willow-quantum-chip/\"\u003eWillow, Google\u0026#39;s state-of-the-art quantum chip\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What sucks in security? 
Research findings from 50+ security leaders\" rel=\"nofollow\" href=\"https://mayakaczorowski.com/blogs/what-sucks-in-security\"\u003eWhat sucks in security? Research findings from 50+ security leaders\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 25: An update on Romania’s cancelled election, the implications of TikTok on democratic processes, and the broader issues around surveillance capitalism and micro-targeting. \r\n\r\nPlus, news on Turla piggybacking on cybercriminal malware to hit Ukraine, the return of Careto and the absence of IOCs, Claroty report on an Iran-linked cyberweapon targeting critical infrastructure, ethical considerations in cyberwarfare, and the implications of quantum computing on security and cryptocurrencies. \r\n\r\nCast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.","date_published":"2024-12-13T11:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1d7c6464-bcb3-4362-a308-5d0f46d2581a.mp3","mime_type":"audio/mpeg","size_in_bytes":109974427,"duration_in_seconds":8047}]},{"id":"af6d806f-6e02-4b8a-b12c-ed94b0f61215","title":"Inside the Turla Playbook: Hijacking APTs and fourth-party espionage","url":"https://securityconversations.fireside.fm/inside-turla-playbook-hijacking-apt-fourth-party-collection","content_text":"Three Buddy Problem - Episode 24: In this episode, we dig into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. 
We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok.\n\nCast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.Links:Transcript (unedited, AI-generated)Russian APT Turla Caught Stealing From Pakistani APTSnowblind: The Invisible Hand of Secret BlizzardMicrosoft: Secret Blizzard compromising Storm-0156 infrastructure for espionage | Microsoft Security BlogEpicTurla.comDevice Confiscated by Russian Authorities Returned with Monokle-Type SpywareLookout Security research paper on Monokle spywareParubets: How a programmer foiled his own FSB recruitmentCISA/FBI guidance to repel Salt TyphoonUS officials say they still have not expelled Chinese telco hackersSolana backdoored in supply chain hackRomania's top court annuls first round of presidential vote won by far-right candidate","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 24\u003c/strong\u003e: In this episode, we dig into Lumen/Microsoft’s revelations on Russia\u0026#39;s Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. 
We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e, \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1agQ0TqskvYwnB69rmf2jcUReWMJQDfiIv6nrphsEWo0/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russian APT Turla Caught Stealing From Pakistani APT\" rel=\"nofollow\" href=\"https://www.securityweek.com/spy-v-spy-russian-apt-turla-caught-stealing-from-pakistani-apt/\"\u003eRussian APT Turla Caught Stealing From Pakistani APT\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Snowblind: The Invisible Hand of Secret Blizzard\" rel=\"nofollow\" href=\"https://blog.lumen.com/snowblind-the-invisible-hand-of-secret-blizzard/\"\u003eSnowblind: The Invisible Hand of Secret Blizzard\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft: Secret Blizzard compromising Storm-0156 infrastructure for espionage | Microsoft Security Blog\" rel=\"nofollow\" href=\"https://www.microsoft.com/en-us/security/blog/2024/12/04/frequent-freeloader-part-i-secret-blizzard-compromising-storm-0156-infrastructure-for-espionage/\"\u003eMicrosoft: Secret Blizzard compromising Storm-0156 infrastructure for espionage | Microsoft Security 
Blog\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"EpicTurla.com\" rel=\"nofollow\" href=\"https://epicturla.com\"\u003eEpicTurla.com\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Device Confiscated by Russian Authorities Returned with Monokle-Type Spyware\" rel=\"nofollow\" href=\"https://citizenlab.ca/2024/12/device-confiscated-by-russian-authorities-returned-with-monokle-type-spyware-installed/\"\u003eDevice Confiscated by Russian Authorities Returned with Monokle-Type Spyware\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Lookout Security research paper on Monokle spyware\" rel=\"nofollow\" href=\"https://www.lookout.com/documents/threat-reports/lookout-discovers-monokle-threat-report.pdf\"\u003eLookout Security research paper on Monokle spyware\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Parubets: How a programmer foiled his own FSB recruitment\" rel=\"nofollow\" href=\"https://dept.one/story/parubets/\"\u003eParubets: How a programmer foiled his own FSB recruitment\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CISA/FBI guidance to repel Salt Typhoon\" rel=\"nofollow\" href=\"https://www.cisa.gov/resources-tools/resources/enhanced-visibility-and-hardening-guidance-communications-infrastructure\"\u003eCISA/FBI guidance to repel Salt Typhoon\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"US officials say they still have not expelled Chinese telco hackers\" rel=\"nofollow\" href=\"https://archive.ph/pncES\"\u003eUS officials say they still have not expelled Chinese telco hackers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Solana backdoored in supply chain hack\" rel=\"nofollow\" href=\"https://github.com/solana-labs/solana-web3.js/releases\"\u003eSolana backdoored in supply chain hack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Romania\u0026#39;s top court annuls first round of presidential vote won by far-right candidate\" rel=\"nofollow\" 
href=\"https://apnews.com/article/romania-election-president-georgescu-court-585e8f8f3ce7013951f5c7cf4054179b\"\u003eRomania\u0026#39;s top court annuls first round of presidential vote won by far-right candidate\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 24: In this episode, we dig into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok.\r\n\r\nCast: Juan Andres Guerrero-Saade, Costin Raiu, Ryan Naraine.","date_published":"2024-12-07T11:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/af6d806f-6e02-4b8a-b12c-ed94b0f61215.mp3","mime_type":"audio/mpeg","size_in_bytes":89199523,"duration_in_seconds":6428}]},{"id":"38eb067c-05af-457d-91b4-9e809083d842","title":"Volexity’s Steven Adair on Russian Wi-Fi hacks, memory forensics, appliance 0days and network inspectability","url":"https://securityconversations.fireside.fm/steven-adair-nearest-neighbor-wifi-hack","content_text":"Three Buddy Problem - Episode 23: Volexity founder Steven Adair joins the show to explore the significance of memory analysis and the technical challenges associated with memory dumping and forensics. 
We dig into Volexity’s “nearest neighbor” Wi-Fi hack discovery, gaps in EDR detection and telemetry, and some real-talk on the Volt Typhoon intrusions.\n\nWe also cover news on a Firefox zero-day exploited on the Tor browser, the professionalization of ransomware, ESET's discovery of a Linux bootkit (we have a scoop on the origins of this!), Binarly research on connections to LogoFAIL, and major visibility gaps in the firmware ecosystem.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).\n\nHonorary buddy: Steven Adair (Volexity)Links:Transcript (unedited, AI-generated)Steven Adair on LinkedInThe Nearest Neighbor Wi-Fi Attack Detecting Compromise of Palo Alto Networks GlobalProtect DevicesVolexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-DaysVolexity Warns of 'Active Exploitation' of Zimbra Zero-DayRomCom exploits Firefox and Windows zero days in the wildBootkitty: Analyzing the first UEFI bootkit for LinuxBinarly: LogoFAIL Exploited to Deploy BootkittyT-Mobile statement on Salt TyphoonLABScon24 Replay -- Cristina Cifuentes","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 23\u003c/strong\u003e: Volexity founder Steven Adair joins the show to explore the significance of memory analysis and the technical challenges associated with memory dumping and forensics. 
We dig into Volexity’s “nearest neighbor” Wi-Fi hack discovery, gaps in EDR detection and telemetry, and some real-talk on the Volt Typhoon intrusions.\u003c/p\u003e\n\n\u003cp\u003eWe also cover news on a Firefox zero-day exploited on the Tor browser, the professionalization of ransomware, ESET\u0026#39;s discovery of a Linux bootkit (we have a scoop on the origins of this!), Binarly research on connections to LogoFAIL, and major visibility gaps in the firmware ecosystem.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e (SentinelLabs), \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh) and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek).\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eHonorary buddy:\u003c/strong\u003e \u003ca href=\"https://twitter.com/sadair\" rel=\"nofollow\"\u003eSteven Adair\u003c/a\u003e (Volexity)\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/10qv33zxzGUqQFkFc3FQ8ErRIdEdg4P8wUjBoIW5V1ZY/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Steven Adair on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/sadair/\"\u003eSteven Adair on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Nearest Neighbor Wi-Fi Attack \" rel=\"nofollow\" href=\"https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/\"\u003eThe Nearest Neighbor Wi-Fi Attack \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Detecting Compromise of Palo Alto Networks GlobalProtect Devices\" rel=\"nofollow\" 
href=\"https://www.volexity.com/blog/2024/05/15/detecting-compromise-of-cve-2024-3400-on-palo-alto-networks-globalprotect-devices/\"\u003eDetecting Compromise of Palo Alto Networks GlobalProtect Devices\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days\" rel=\"nofollow\" href=\"https://www.securityweek.com/volexity-catches-chinese-hackers-exploiting-ivanti-vpn-zero-days/\"\u003eVolexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Volexity Warns of \u0026#39;Active Exploitation\u0026#39; of Zimbra Zero-Day\" rel=\"nofollow\" href=\"https://www.securityweek.com/volexity-warns-active-exploitation-zimbra-zero-day/\"\u003eVolexity Warns of \u0026#39;Active Exploitation\u0026#39; of Zimbra Zero-Day\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"RomCom exploits Firefox and Windows zero days in the wild\" rel=\"nofollow\" href=\"https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/\"\u003eRomCom exploits Firefox and Windows zero days in the wild\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bootkitty: Analyzing the first UEFI bootkit for Linux\" rel=\"nofollow\" href=\"https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/\"\u003eBootkitty: Analyzing the first UEFI bootkit for Linux\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Binarly: LogoFAIL Exploited to Deploy Bootkitty\" rel=\"nofollow\" href=\"https://www.binarly.io/blog/logofail-exploited-to-deploy-bootkitty-the-first-uefi-bootkit-for-linux\"\u003eBinarly: LogoFAIL Exploited to Deploy Bootkitty\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"T-Mobile statement on Salt Typhoon\" rel=\"nofollow\" href=\"https://www.t-mobile.com/news/un-carrier/update-cyberattacks-targeting-us-wireless-companies\"\u003eT-Mobile statement on Salt 
Typhoon\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon24 Replay -- Cristina Cifuentes\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=wo3xEa2elp4\u0026amp;ab_channel=SentinelOne\"\u003eLABScon24 Replay -- Cristina Cifuentes\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 23: Volexity founder Steven Adair joins the show to explore the significance of memory analysis and the technical challenges associated with memory dumping and forensics. We dig into Volexity’s “nearest neighbor” Wi-Fi hack discovery, gaps in EDR detection and telemetry, and some real-talk on the Volt Typhoon intrusions.\r\n\r\nWe also cover news on a Firefox zero-day exploited on the Tor browser, the professionalization of ransomware, ESET's discovery of a Linux bootkit (we have a scoop on the origins of this!), Binarly research on connections to LogoFAIL, and major visibility gaps in the firmware ecosystem.\r\n\r\nCast: Ryan Naraine (SecurityWeek), Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh).\r\n\r\nHonorary buddy: Steven Adair (Volexity)","date_published":"2024-11-30T11:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/38eb067c-05af-457d-91b4-9e809083d842.mp3","mime_type":"audio/mpeg","size_in_bytes":68926322,"duration_in_seconds":4713}]},{"id":"9a555cb5-87d5-444f-b6c3-56ce4cf24bde","title":"Sid Trivedi on the RSA Innovation Sandbox $5 million investment gambit","url":"https://securityconversations.fireside.fm/sid-trivedi-foundation-capital-rsa-sandbox","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nBinary Risk Hunt (https://risk.binarly.io)\n\n\nIn this reboot of the Security Conversations interview series, Foundation Capital partner Sid Trivedi weighs in on major changes to the RSA Innovation Sandbox, the mandatory $5M uncapped SAFE investment for all 10 finalists, and red-flag concerns around discounts and pro-rata 
rights.\n\nAlso discussed: controversial pay-for-play dynamics involving CISOs and venture capital firms, ethical implications of CISOs taking advisory positions in startups, and the challenges of investing in seed-stage startups amidst a trend towards platformization. Links:RSA’s Innovation Sandbox: Cybersecurity Startups Must Accept $5 Million InvestmentRSA Innovation Sandbox: $50 Million Annual Investment Program for Top 10 FinalistsRSA Conference - How do SAFEs work?This VC Built A Cybersecurity Unicorn Machine. Then Came A Conflict Of Interest Mess.The Gili Ra’anan model: CISOs and VCs controversySid Trivedi bioFoundation Capital","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBinary Risk Hunt (\u003ca href=\"https://risk.binarly.io\" rel=\"nofollow\"\u003ehttps://risk.binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eIn this reboot of the Security Conversations interview series, Foundation Capital partner Sid Trivedi weighs in on major changes to the RSA Innovation Sandbox, the mandatory $5M uncapped SAFE investment for all 10 finalists, and red-flag concerns around discounts and pro-rata rights.\u003c/p\u003e\n\n\u003cp\u003eAlso discussed: controversial pay-for-play dynamics involving CISOs and venture capital firms, ethical implications of CISOs taking advisory positions in startups, and the challenges of investing in seed-stage startups amidst a trend towards platformization. 
\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"RSA’s Innovation Sandbox: Cybersecurity Startups Must Accept $5 Million Investment\" rel=\"nofollow\" href=\"https://www.securityweek.com/rsa-conference-will-take-equity-in-innovation-sandbox-startup-finalists/\"\u003eRSA’s Innovation Sandbox: Cybersecurity Startups Must Accept $5 Million Investment\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"RSA Innovation Sandbox: $50 Million Annual Investment Program for Top 10 Finalists\" rel=\"nofollow\" href=\"https://www.rsaconference.com/library/press-release/rsa-conference-2025-innovation-sandbox-contest-celebrates-20th-anniversary\"\u003eRSA Innovation Sandbox: $50 Million Annual Investment Program for Top 10 Finalists\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"RSA Conference - How do SAFEs work?\" rel=\"nofollow\" href=\"https://www.rsaconference.com/usa/programs/innovation-sandbox/safe\"\u003eRSA Conference - How do SAFEs work?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"This VC Built A Cybersecurity Unicorn Machine. Then Came A Conflict Of Interest Mess.\" rel=\"nofollow\" href=\"https://archive.ph/RRHHE\"\u003eThis VC Built A Cybersecurity Unicorn Machine. 
Then Came A Conflict Of Interest Mess.\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Gili Ra’anan model: CISOs and VCs controversy\" rel=\"nofollow\" href=\"https://www.calcalistech.com/ctechnews/article/b1a1jn00hc\"\u003eThe Gili Ra’anan model: CISOs and VCs controversy\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sid Trivedi bio\" rel=\"nofollow\" href=\"https://foundationcapital.com/member/sid-trivedi/\"\u003eSid Trivedi bio\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Foundation Capital\" rel=\"nofollow\" href=\"https://foundationcapital.com/\"\u003eFoundation Capital\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the firmware security experts (https://binarly.io)\r\n- Binary Risk Hunt (https://risk.binarly.io)\r\n\r\nIn this reboot of the Security Conversations interview series, Foundation Capital partner Sid Trivedi weighs in on major changes to the RSA Innovation Sandbox, the mandatory $5M uncapped SAFE investment for all 10 finalists, and red-flag concerns around discounts and pro-rata rights.\r\n\r\nAlso discussed: controversial pay-for-play dynamics involving CISOs and venture capital firms, ethical implications of CISOs taking advisory positions in startups, and the challenges of investing in seed-stage startups amidst a trend towards platformization. 
","date_published":"2024-11-28T07:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/9a555cb5-87d5-444f-b6c3-56ce4cf24bde.mp3","mime_type":"audio/mpeg","size_in_bytes":52339389,"duration_in_seconds":3672}]},{"id":"afa36e08-3818-4a0c-ac7a-55ff9ff6c02b","title":"Russian APT weaponized nearby Wi-Fi networks in DC, new macOS zero-days, DOJ v Chrome","url":"https://securityconversations.fireside.fm/tbp-ep22","content_text":"Three Buddy Problem - Episode 22: We discuss Volexity’s presentation on Russian APT operators hacking Wi-Fi networks in “nearest neighbor attacks,” the Chinese surveillance state and its impact on global security, the NSA's strange call for better data sharing on Salt Typhoon intrusions, and the failures of regulatory bodies to address cybersecurity risks.\n\nWe also cover two new Apple zero-days being exploited in the wild, the US Government’s demand that Google sell the Chrome browser, and the value of data in the context of AI.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:Transcript - (unedited, AI-generated)Russian APT WiFI Nearest Neighbor Attack Russian Spies Jumped From One Network to Another Via Wi-FiAdvisory: New exploited Apple zero-daysNSA Director Wants Industry to Disclose Details of Telecom Hacks\r\nMicrosoft's \"Free\" Plan to Upgrade Government Cybersecurity Was Designed to Box Out Competitors and Drive ProfitsMicrosoft accuses Google of 'Shadow Campaigns'DOJ calls for breakup of Google and sale of ChromeDPRK IT Workers -- A Network of Active Front Companies and Their Links to ChinaBe careful when coding with ChatGPTGSM-Symbolic: Understanding the Limitations of Mathematical Reasoning in Large Language ModelsPIVOTcon 2025","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 22\u003c/strong\u003e: We discuss Volexity’s presentation on Russian APT operators hacking Wi-Fi networks 
in “nearest neighbor attacks,” the Chinese surveillance state and its impact on global security, the NSA\u0026#39;s strange call for better data sharing on Salt Typhoon intrusions, and the failures of regulatory bodies to address cybersecurity risks.\u003c/p\u003e\n\n\u003cp\u003eWe also cover two new Apple zero-days being exploited in the wild, the US Government’s demand that Google sell the Chrome browser, and the value of data in the context of AI.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e (SentinelLabs), \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh) and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript - (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1-NW6qC6vrI-zQZMM1fQ7ldGgUwFUohtVun1CHsxl_TU/edit?tab=t.0\"\u003eTranscript - (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russian APT WiFI Nearest Neighbor Attack \" rel=\"nofollow\" href=\"https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/\"\u003eRussian APT WiFI Nearest Neighbor Attack \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russian Spies Jumped From One Network to Another Via Wi-Fi\" rel=\"nofollow\" href=\"https://archive.ph/f0O3n\"\u003eRussian Spies Jumped From One Network to Another Via Wi-Fi\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Advisory: New exploited Apple zero-days\" rel=\"nofollow\" href=\"https://support.apple.com/en-us/121753\"\u003eAdvisory: New exploited Apple zero-days\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NSA 
Director Wants Industry to Disclose Details of Telecom Hacks\" rel=\"nofollow\" href=\"https://archive.ph/2024.11.20-231241/https://www.bloomberg.com/news/articles/2024-11-20/nsa-director-wants-industry-to-disclose-details-of-telecom-hacks#selection-1321.13-1328.0\"\u003eNSA Director Wants Industry to Disclose Details of Telecom Hacks\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft\u0026#39;s \u0026quot;Free\u0026quot; Plan to Upgrade Government Cybersecurity Was Designed to Box Out Competitors and Drive Profits\" rel=\"nofollow\" href=\"https://www.propublica.org/article/microsoft-white-house-offer-cybersecurity-biden-nadella\"\u003eMicrosoft\u0026#39;s \u0026quot;Free\u0026quot; Plan to Upgrade Government Cybersecurity Was Designed to Box Out Competitors and Drive Profits\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft accuses Google of \u0026#39;Shadow Campaigns\u0026#39;\" rel=\"nofollow\" href=\"https://blogs.microsoft.com/on-the-issues/2024/10/28/googles-shadow-campaigns/\"\u003eMicrosoft accuses Google of \u0026#39;Shadow Campaigns\u0026#39;\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DOJ calls for breakup of Google and sale of Chrome\" rel=\"nofollow\" href=\"https://www.nbcnews.com/news/us-news/google-department-of-justice-chrome-sale-breakup-microsoft-apple-rcna181133\"\u003eDOJ calls for breakup of Google and sale of Chrome\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DPRK IT Workers -- A Network of Active Front Companies and Their Links to China\" rel=\"nofollow\" href=\"https://www.sentinelone.com/labs/dprk-it-workers-a-network-of-active-front-companies-and-their-links-to-china/\"\u003eDPRK IT Workers -- A Network of Active Front Companies and Their Links to China\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Be careful when coding with ChatGPT\" rel=\"nofollow\" href=\"https://x.com/r_cky0/status/1859656430888026524\"\u003eBe careful when coding with 
ChatGPT\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"GSM-Symbolic: Understanding the Limitations of Mathematical Reasoning in Large Language Models\" rel=\"nofollow\" href=\"https://arxiv.org/pdf/2410.05229\"\u003eGSM-Symbolic: Understanding the Limitations of Mathematical Reasoning in Large Language Models\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"PIVOTcon 2025\" rel=\"nofollow\" href=\"https://pivotcon.org/\"\u003ePIVOTcon 2025\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 22: We discuss Volexity’s presentation on Russian APT operators hacking Wi-Fi networks in “nearest neighbor attacks,” the Chinese surveillance state and its impact on global security, the NSA's strange call for better data sharing on Salt Typhoon intrusions, and the failures of regulatory bodies to address cybersecurity risks.\r\n\r\nWe also cover two new Apple zero-days being exploited in the wild, the US Government’s demand that Google sell the Chrome browser, and the value of data in the context of AI.\r\n\r\nCast: Ryan Naraine (SecurityWeek), Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh).","date_published":"2024-11-22T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/afa36e08-3818-4a0c-ac7a-55ff9ff6c02b.mp3","mime_type":"audio/mpeg","size_in_bytes":71756075,"duration_in_seconds":5302}]},{"id":"fde7baf5-5ce2-4870-ac23-2881f78b9684","title":"What happens to CISA now? Is deterrence in cyber possible?","url":"https://securityconversations.fireside.fm/tbp-ep21","content_text":"Three Buddy Problem - Episode 21: We dig into an incredible government report on Iranian hacking group Emennet Pasargad and tradecraft during the Israel/Hamas war, why Predatory Sparrow could have been aimed at deterrence in cyber, and the FBI/CISA public confirmation of the mysterious Salt Typhoon hacks. 
\n\nPlus, discussion on China’s cyber capabilities, the narrative around “pre-positioning” for a Taiwan conflict, the blending of cyber and kinetic operations, and the long tail of Chinese researchers reporting Microsoft Windows vulnerabilities. The future of CISA is a recurring theme throughout this episode with some speculation about what happens to the agency under the Trump administration.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:Transcript (unedited, AI-generated)CISA/Israel gov report on Iranian hacking operationsCheck Point: A deep-dive of Iran's WezRat malwareTrend Micro report on Earth EstriesFBI/CISA on China hacking US telcosUS accuses China of vast cyberespionage against telecomsVolt Typhoon hackers hit SingTel in SingaporeNew Palo Alto firewall 0day attackCVE-2024-43450 - China reports Windows DNS Spoofing vuln","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 21\u003c/strong\u003e: We dig into an incredible government report on Iranian hacking group Emennet Pasargad and tradecraft during the Israel/Hamas war, why Predatory Sparrow could have been aimed at deterrence in cyber, and the FBI/CISA public confirmation of the mysterious Salt Typhoon hacks. \u003c/p\u003e\n\n\u003cp\u003ePlus, discussion on China’s cyber capabilities, the narrative around “pre-positioning” for a Taiwan conflict, the blending of cyber and kinetic operations, and the long tail of Chinese researchers reporting Microsoft Windows vulnerabilities. 
The future of CISA is a recurring theme throughout this episode with some speculation about what happens to the agency under the Trump administration.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e (SentinelLabs), \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh) and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/19N5nXfxOZNhXeq_dlWVNx9kKQE3ldoUtgJbcq3huNDM/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CISA/Israel gov report on Iranian hacking operations\" rel=\"nofollow\" href=\"https://www.ic3.gov/CSA/2024/241030.pdf\"\u003eCISA/Israel gov report on Iranian hacking operations\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Check Point: A deep-dive of Iran\u0026#39;s WezRat malware\" rel=\"nofollow\" href=\"https://research.checkpoint.com/2024/wezrat-malware-deep-dive/\"\u003eCheck Point: A deep-dive of Iran\u0026#39;s WezRat malware\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Trend Micro report on Earth Estries\" rel=\"nofollow\" href=\"https://www.trendmicro.com/en_us/research/24/k/breaking-down-earth-estries-persistent-ttps-in-prolonged-cyber-o.html\"\u003eTrend Micro report on Earth Estries\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FBI/CISA on China hacking US telcos\" rel=\"nofollow\" href=\"https://www.cisa.gov/news-events/news/joint-statement-fbi-and-cisa-peoples-republic-china-prc-targeting-commercial-telecommunications\"\u003eFBI/CISA on China hacking US 
telcos\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"US accuses China of vast cyberespionage against telecoms\" rel=\"nofollow\" href=\"https://archive.ph/kdC7a\"\u003eUS accuses China of vast cyberespionage against telecoms\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Volt Typhoon hackers hit SingTel in Singapore\" rel=\"nofollow\" href=\"https://archive.ph/PefIJ\"\u003eVolt Typhoon hackers hit SingTel in Singapore\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"New Palo Alto firewall 0day attack\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/PAN-SA-2024-0015\"\u003eNew Palo Alto firewall 0day attack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CVE-2024-43450 - China reports Windows DNS Spoofing vuln\" rel=\"nofollow\" href=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43450\"\u003eCVE-2024-43450 - China reports Windows DNS Spoofing vuln\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 21: We dig into an incredible government report on Iranian hacking group Emennet Pasargad and tradecraft during the Israel/Hamas war, why Predatory Sparrow could have been aimed at deterrence in cyber, and the significance of the FBI/CISA public confirmation of China-linked Salt Typhoon hacks. \r\n\r\nPlus, discussion on China’s cyber capabilities, the narrative around “pre-positioning” for a Taiwan conflict, the blending of cyber and kinetic operations, and the long tail of Chinese researchers reporting Microsoft Windows vulnerabilities. 
The future of CISA is a recurring theme throughout this episode with some speculation about what happens to the agency under the Trump administration.\r\n\r\nCast: Ryan Naraine (SecurityWeek), Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh).","date_published":"2024-11-15T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/fde7baf5-5ce2-4870-ac23-2881f78b9684.mp3","mime_type":"audio/mpeg","size_in_bytes":93206263,"duration_in_seconds":6831}]},{"id":"4b7375c6-6a49-4e92-8bd1-e706a996e883","title":"Mysterious rebooting iPhones, EDR vendors spying on hackers, Bitcoin 'meatspace' attacks","url":"https://securityconversations.fireside.fm/tbp-ep20","content_text":"Three Buddy Problem - Episode 20: We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘meatspace’ Bitcoin attacks and more details on North Korean cryptocurrency theft.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:Transcript (unedited, AI-generated)iPhones mysteriously rebooting themselvesApple quietly ships iPhone reboot codeFBI on China hacking US presidential campaigns iPhonesChinese hackers Targeted Phones of Trump, Vance, Harris CampaignsPalo Alto: EDR Bypass Testing Reveals Threat Actor's ToolkitPalo Alto CVE-2024-5910 marked as exploitedToronto crypto company CEO kidnappedA list of known 'meatspace' crypto attacksNorth Korea crypto thieves targets macOS","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 20\u003c/strong\u003e: We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot 
nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘meatspace’ Bitcoin attacks and more details on North Korean cryptocurrency theft.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e (SentinelLabs), \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh) and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1_R5EC39CoxPRz67njLfqKVLjq8bdkdh6h7l7UwaVHAE/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"iPhones mysteriously rebooting themselves\" rel=\"nofollow\" href=\"https://archive.vn/JMEbq\"\u003eiPhones mysteriously rebooting themselves\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Apple quietly ships iPhone reboot code\" rel=\"nofollow\" href=\"https://archive.ph/lpoLQ\"\u003eApple quietly ships iPhone reboot code\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FBI on China hacking US presidential campaigns iPhones\" rel=\"nofollow\" href=\"https://archive.ph/iAQzO\"\u003eFBI on China hacking US presidential campaigns iPhones\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chinese hackers Targeted Phones of Trump, Vance, Harris Campaigns\" rel=\"nofollow\" href=\"https://www.wsj.com/politics/national-security/chinese-hackers-targeted-phones-of-trump-vance-and-harris-campaign-e04abbdf?mod=article_inline\"\u003eChinese hackers Targeted Phones of Trump, Vance, Harris 
Campaigns\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Palo Alto: EDR Bypass Testing Reveals Threat Actor\u0026#39;s Toolkit\" rel=\"nofollow\" href=\"https://unit42.paloaltonetworks.com/edr-bypass-extortion-attempt-thwarted/\"\u003ePalo Alto: EDR Bypass Testing Reveals Threat Actor\u0026#39;s Toolkit\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Palo Alto CVE-2024-5910 marked as exploited\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/CVE-2024-5910\"\u003ePalo Alto CVE-2024-5910 marked as exploited\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Toronto crypto company CEO kidnapped\" rel=\"nofollow\" href=\"https://www.cbc.ca/news/canada/toronto/kidnapping-toronto-businessman-cryptocurrency-1.7376679\"\u003eToronto crypto company CEO kidnapped\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"A list of known \u0026#39;meatspace\u0026#39; crypto attacks\" rel=\"nofollow\" href=\"https://github.com/jlopp/physical-bitcoin-attacks\"\u003eA list of known \u0026#39;meatspace\u0026#39; crypto attacks\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"North Korea crypto thieves targets macOS\" rel=\"nofollow\" href=\"https://www.sentinelone.com/labs/bluenoroff-hidden-risk-threat-actor-targets-macs-with-fake-crypto-news-and-novel-persistence/\"\u003eNorth Korea crypto thieves targets macOS\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 20: We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘meatspace’ Bitcoin attacks and more details on North Korean cryptocurrency theft.\r\n\r\nCast: Ryan Naraine (SecurityWeek), Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of 
Noh).","date_published":"2024-11-09T11:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/4b7375c6-6a49-4e92-8bd1-e706a996e883.mp3","mime_type":"audio/mpeg","size_in_bytes":76955697,"duration_in_seconds":5820}]},{"id":"afe08ad2-3625-4575-aaae-280d146e474c","title":"The Sophos kernel implant, 'hack-back' implications, CIA malware in Venezuela","url":"https://securityconversations.fireside.fm/tbp-ep19","content_text":"Three Buddy Problem - Episode 19: We explore Ivan Kwiatkowski’s essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, the concept of ‘hack-back’ and legal implications, geopolitical layers of cyber espionage, CIA malware in Venezuela, Vatican/Mossad mentioned in high-profile Italy hacks, and Canada bracing for .gov attacks from India.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:Transcript (unedited, AI-generated)Ivan Kwiatkowski: Threat intel truths insideJAG-S LABScon keynoteSophos Used Custom Implants to Surveil Chinese HackersSophos Pacific Rim reportNCSC details ‘Pygmy Goat’ network backdoorNCSC 'Pygmy Goat' reportMassive hack-for-hire scandal rocks Italian political elites – POLITICOVatican, Israel implicated in Italy hacking scandalWired on CIA hack of Venezuela military payroll systemIs Now on VT!","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 19\u003c/strong\u003e: We explore Ivan Kwiatkowski’s essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, the concept of ‘hack-back’ and legal implications, geopolitical layers of cyber espionage, CIA malware in Venezuela, Vatican/Mossad mentioned in high-profile Italy hacks, and Canada bracing for .gov attacks from India.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" 
rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e (SentinelLabs), \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh) and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1U8q76wqVXIs9Sdc8vuqAr2S9CtknvnYryxS6l0IALv8/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ivan Kwiatkowski: Threat intel truths inside\" rel=\"nofollow\" href=\"https://blog.kwiatkowski.fr/threat-intel-truths-inside\"\u003eIvan Kwiatkowski: Threat intel truths inside\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"JAG-S LABScon keynote\" rel=\"nofollow\" href=\"https://securityconversations.com/episode/ep13-the-consolation-of-threat-intel-jag-s-labscon-keynote/\"\u003eJAG-S LABScon keynote\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sophos Used Custom Implants to Surveil Chinese Hackers\" rel=\"nofollow\" href=\"https://www.securityweek.com/sophos-used-custom-implants-to-surveil-chinese-hackers-targeting-firewall-zero-days/\"\u003eSophos Used Custom Implants to Surveil Chinese Hackers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sophos Pacific Rim report\" rel=\"nofollow\" href=\"https://www.sophos.com/en-us/content/pacific-rim\"\u003eSophos Pacific Rim report\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NCSC details ‘Pygmy Goat’ network backdoor\" rel=\"nofollow\" href=\"https://www.securityweek.com/ncsc-details-pygmy-goat-backdoor-planted-on-hacked-sophos-firewall-devices/\"\u003eNCSC details ‘Pygmy Goat’ network backdoor\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NCSC \u0026#39;Pygmy Goat\u0026#39; report\" rel=\"nofollow\" 
href=\"https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/pygmy-goat/ncsc-mar-pygmy-goat.pdf\"\u003eNCSC \u0026#39;Pygmy Goat\u0026#39; report\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Massive hack-for-hire scandal rocks Italian political elites – POLITICO\" rel=\"nofollow\" href=\"https://www.politico.eu/article/hacking-scandal-italy-matteo-renzi-sergio-mattarella-equalize-nunzio-samuele-calamucci/\"\u003eMassive hack-for-hire scandal rocks Italian political elites – POLITICO\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Vatican, Israel implicated in Italy hacking scandal\" rel=\"nofollow\" href=\"https://www.politico.eu/article/vatican-israel-italian-hacking-scandal-uk-lithuania-equalize/\"\u003eVatican, Israel implicated in Italy hacking scandal\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wired on CIA hack of Venezuela military payroll system\" rel=\"nofollow\" href=\"https://www.wired.com/story/trump-cia-venezuela-maduro-regime-change-plot/?utm_medium=social\u0026amp;mbid=social_twitter\u0026amp;utm_social-type=owned\u0026amp;utm_source=twitter\u0026amp;utm_brand=wired\"\u003eWired on CIA hack of Venezuela military payroll system\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Is Now on VT!\" rel=\"nofollow\" href=\"https://x.com/Now_on_VT\"\u003eIs Now on VT!\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 19: We explore Ivan Kwiatkowski’s essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, the concept of ‘hack-back’ and legal implications, geopolitical layers of cyber espionage, CIA malware in Venezuela, Vatican/Mossad mentioned in high-profile Italy hacks, and Canada bracing for .gov attacks from India.\r\n\r\nCast: Ryan Naraine (SecurityWeek), Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of 
Noh).","date_published":"2024-11-03T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/afe08ad2-3625-4575-aaae-280d146e474c.mp3","mime_type":"audio/mpeg","size_in_bytes":89415224,"duration_in_seconds":6854}]},{"id":"90ccac79-0895-4cbf-a28e-805a46c7e3da","title":"Fortinet 0days, Appin hack-for-hire exposé, crypto heists, Russians booted from Linux kernel","url":"https://securityconversations.fireside.fm/tbp-ep18","content_text":"Three Buddy Problem - Episode 18: This week’s show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed from Linux kernel maintenance and China’s Antiy beefing with Sentinel One over APT reporting.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:Transcript (AI-generated)White House TLP guidanceAppin -- How an Indian startup hacked the worldBurning Zero Days: FortiJump FortiManager FlawMandiant on FortiManager Zero-Day ExploitationFortinet bulletin on new 0day exploitationRadiant Capital $50M cryptocurrency theftDPRK's Lazarus steals cryptocurrency with decoy MOBA gameApple opens Private Cloud Compute to security inspectionRussians booted from Linux kernel driver maintenanceAntiy paper responding to SentinelOne","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 18\u003c/strong\u003e: This week’s show covers the White House\u0026#39;s new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed from Linux kernel maintenance and China’s 
Antiy beefing with Sentinel One over APT reporting.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e (SentinelLabs), \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh) and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1z-Dz25Mmb_97ulETvoKROgQPiN5BHQ_USGvArAqpFXs/edit?usp=sharing\"\u003eTranscript (AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"White House TLP guidance\" rel=\"nofollow\" href=\"https://www.whitehouse.gov/oncd/briefing-room/2024/10/22/doubling-down-on-trusted-partnerships-our-commitment-to-researchers/\"\u003eWhite House TLP guidance\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Appin -- How an Indian startup hacked the world\" rel=\"nofollow\" href=\"https://www.reuters.com/investigates/special-report/usa-hackers-appin/\"\u003eAppin -- How an Indian startup hacked the world\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Burning Zero Days: FortiJump FortiManager Flaw\" rel=\"nofollow\" href=\"https://doublepulsar.com/burning-zero-days-fortijump-fortimanager-vulnerability-used-by-nation-state-in-espionage-via-msps-c79abec59773\"\u003eBurning Zero Days: FortiJump FortiManager Flaw\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mandiant on FortiManager Zero-Day Exploitation\" rel=\"nofollow\" href=\"https://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575\"\u003eMandiant on FortiManager Zero-Day Exploitation\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fortinet bulletin on new 0day exploitation\" 
rel=\"nofollow\" href=\"https://www.fortiguard.com/psirt/FG-IR-24-423\"\u003eFortinet bulletin on new 0day exploitation\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Radiant Capital $50M cryptocurrency theft\" rel=\"nofollow\" href=\"https://medium.com/@RadiantCapital/radiant-post-mortem-fecd6cd38081\"\u003eRadiant Capital $50M cryptocurrency theft\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DPRK\u0026#39;s Lazarus steals cryptocurrency with decoy MOBA game\" rel=\"nofollow\" href=\"https://securelist.com/lazarus-apt-steals-crypto-with-a-tank-game/114282/\"\u003eDPRK\u0026#39;s Lazarus steals cryptocurrency with decoy MOBA game\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Apple opens Private Cloud Compute to security inspection\" rel=\"nofollow\" href=\"https://security.apple.com/blog/pcc-security-research\"\u003eApple opens Private Cloud Compute to security inspection\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russians booted from Linux kernel driver maintenance\" rel=\"nofollow\" href=\"https://www.phoronix.com/news/Russian-Linux-Maintainers-Drop\"\u003eRussians booted from Linux kernel driver maintenance\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Antiy paper responding to SentinelOne\" rel=\"nofollow\" href=\"https://www.antiy.net/p/fight-against-the-bald-eagle-in-the-fog-relaying-cooperating-and-specific-contribution/\"\u003eAntiy paper responding to SentinelOne\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 18: This week’s show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed from Linux kernel maintenance and China’s Antiy beefing with Sentinel One over APT reporting.\r\n\r\nCast: Ryan Naraine (SecurityWeek), 
Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh).","date_published":"2024-10-25T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/90ccac79-0895-4cbf-a28e-805a46c7e3da.mp3","mime_type":"audio/mpeg","size_in_bytes":63377599,"duration_in_seconds":5204}]},{"id":"71d290f7-c156-48af-a22c-c4d3ca4b3f44","title":"ESET Israel wiper malware, China's Volt Typhoon response, Kaspersky sanctions and isolation","url":"https://securityconversations.fireside.fm/tbp-ep17","content_text":"Three Buddy Problem - Episode 17: News of a wiper malware attack in Israel implicating ESET, threats from wartime hacktivists, China's strange response to Volt Typhoon attribution and Section 702 messaging, an IE zero-day discovery and web browser rot in South Korea, the ongoing isolation of Kaspersky due to sanctions, and the geopolitical influences affecting cybersecurity reporting.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:ESET Israel wiper attacksESET comment on Israel wiper incidentDakota Cary on China’s Volt Typhoon Influence OpsVolt Typhoon III (PDF)US Sanctions 12 Kaspersky ExecutivesKaspersky closing down its UK officeMAPP vendor listVirusTotalTranscript (AI-generated)","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 17\u003c/strong\u003e: News of a wiper malware attack in Israel implicating ESET, threats from wartime hacktivists, China\u0026#39;s strange response to Volt Typhoon attribution and Section 702 messaging, an IE zero-day discovery and web browser rot in South Korea, the ongoing isolation of Kaspersky due to sanctions, and the geopolitical influences affecting cybersecurity reporting.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e (SentinelLabs), \u003ca 
href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh) and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"ESET Israel wiper attacks\" rel=\"nofollow\" href=\"https://doublepulsar.com/eiw-eset-israel-wiper-used-in-active-attacks-targeting-israeli-orgs-b1210aed7021\"\u003eESET Israel wiper attacks\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ESET comment on Israel wiper incident\" rel=\"nofollow\" href=\"https://x.com/ESETresearch/status/1847192384448172387\"\u003eESET comment on Israel wiper incident\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dakota Cary on China’s Volt Typhoon Influence Ops\" rel=\"nofollow\" href=\"https://www.sentinelone.com/labs/chinas-influence-ops-twisting-tales-of-volt-typhoon-at-home-and-abroad/\"\u003eDakota Cary on China’s Volt Typhoon Influence Ops\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Volt Typhoon III (PDF)\" rel=\"nofollow\" href=\"https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_EN.pdf\"\u003eVolt Typhoon III (PDF)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"US Sanctions 12 Kaspersky Executives\" rel=\"nofollow\" href=\"https://www.securityweek.com/us-sanctions-12-kaspersky-executives/\"\u003eUS Sanctions 12 Kaspersky Executives\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kaspersky closing down its UK office\" rel=\"nofollow\" href=\"https://techcrunch.com/2024/10/08/kasperksy-says-its-closing-down-its-uk-office-and-laying-off-dozens/\"\u003eKaspersky closing down its UK office\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"MAPP vendor list\" rel=\"nofollow\" href=\"https://www.microsoft.com/en-us/msrc/mapp\"\u003eMAPP vendor list\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"VirusTotal\" rel=\"nofollow\" 
href=\"https://www.virustotal.com/gui/home/upload\"\u003eVirusTotal\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Transcript (AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1w7-KN0SiU-wHiGlOXAfuydgwAgKkmEw-xKLEubNm19k/edit?usp=sharing\"\u003eTranscript (AI-generated)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 17: News of a wiper malware attack in Israel implicating ESET, threats from wartime hacktivists, China's strange response to Volt Typhoon attribution and Section 702 messaging, an IE zero-day discovery and web browser rot in South Korea, the ongoing isolation of Kaspersky due to sanctions, and the geopolitical influences affecting cybersecurity reporting.\r\n\r\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).","date_published":"2024-10-18T12:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/71d290f7-c156-48af-a22c-c4d3ca4b3f44.mp3","mime_type":"audio/mpeg","size_in_bytes":78696217,"duration_in_seconds":5898}]},{"id":"b270f0b1-359a-43e1-b218-7b1329f43093","title":"Typhoons and Blizzards: Cyberespionage and national security on front burner","url":"https://securityconversations.fireside.fm/tbp-ep16","content_text":"Three Buddy Problem - Episode 16: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. 
We also touch on the surge in zero-day discoveries, the nonstop flow of exploited Ivanti security bugs, and why the CSRB should investigate these network edge device and appliance vendors.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:NCSC exposé on SVR/APT29 history and tacticsAPT29 / Midnight BlizzardVIDEO: A Surprise Encounter With A Telco APTThe Athens Affair - IEEE Spectrum — How some extremely smart hackers pulled off the most audacious cell-network break-in everWikipedia: The Athens AffairWSJ report on Salt Typhoon hacksIn-the-wild zero-day counterMicrosoft Confirms Exploited Zero-Day in Windows Management Console","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 16\u003c/strong\u003e: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. 
We also touch on the surge in zero-day discoveries, the nonstop flow of exploited Ivanti security bugs, and why the CSRB should investigate these network edge device and appliance vendors.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e (SentinelLabs), \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh) and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"NCSC exposé on SVR/APT29 history and tactics\" rel=\"nofollow\" href=\"https://www.ncsc.gov.uk/news/russian-foreign-intelligence-poses-global-threat-with-cyber-campaign-exploiting-established-vulnerabilities\"\u003eNCSC exposé on SVR/APT29 history and tactics\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"APT29 / Midnight Blizzard\" rel=\"nofollow\" href=\"https://attack.mitre.org/groups/G0016/\"\u003eAPT29 / Midnight Blizzard\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"VIDEO: A Surprise Encounter With A Telco APT\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=xCU47bJoLho\u0026amp;ab_channel=HackInTheBoxSecurityConference\"\u003eVIDEO: A Surprise Encounter With A Telco APT\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Athens Affair - IEEE Spectrum\" rel=\"nofollow\" href=\"https://spectrum.ieee.org/the-athens-affair\"\u003eThe Athens Affair - IEEE Spectrum\u003c/a\u003e \u0026mdash; How some extremely smart hackers pulled off the most audacious cell-network break-in ever\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wikipedia: The Athens Affair\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Greek_wiretapping_case_2004%E2%80%9305\"\u003eWikipedia: The Athens Affair\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca 
title=\"WSJ report on Salt Typhoon hacks\" rel=\"nofollow\" href=\"https://www.wsj.com/politics/national-security/u-s-officials-race-to-understand-severity-of-chinas-salt-typhoon-hacks-6e7c3951\"\u003eWSJ report on Salt Typhoon hacks\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"In-the-wild zero-day counter\" rel=\"nofollow\" href=\"https://www.zero-day.cz/\"\u003eIn-the-wild zero-day counter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Confirms Exploited Zero-Day in Windows Management Console\" rel=\"nofollow\" href=\"https://www.securityweek.com/patch-tuesday-microsoft-confirms-exploited-zero-day-in-windows-management-console/\"\u003eMicrosoft Confirms Exploited Zero-Day in Windows Management Console\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 16: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. 
We also touch on the surge in zero-day discoveries, the nonstop flow of exploited Ivanti security bugs, and why the CSRB should investigate these network edge device and appliance vendors.\r\n\r\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).","date_published":"2024-10-11T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/b270f0b1-359a-43e1-b218-7b1329f43093.mp3","mime_type":"audio/mpeg","size_in_bytes":52742416,"duration_in_seconds":4149}]},{"id":"dae2bdfe-9bc3-41af-88f1-c41782d35f84","title":"Careto returns, IDA Pro pricing controversy, crypto's North Korea problem","url":"https://securityconversations.fireside.fm/tbp-ep15","content_text":"Three Buddy Problem - Episode 15: Juanito checks in from Virus Bulletin with news on the return of Careto/Mask, a ‘milk-carton’ APT linked to Spain. We also cover the latest controversy surrounding IDA Pro's subscription model, a major new YARA update, and ongoing issues with VirusTotal's value and pricing. 
The conversation shifts to North Korean cyber operations, particularly the infiltration of prominent crypto companies, Tom Rid's essay on Russian disinformation results, and the US government's ICE department using commercial spyware from an Israeli vendor.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:Transcript (unedited, AI-generated)VB abstract: The Mask has been unmasked againDiscover IDA 9.0Binary NinjaVertex SynapseYARA-XMicrosoft on Star Blizzard disruptionTom Rid: The lies Russia tells itselfNorth Korea caught targeting German missile manufacturerHow North Korea infiltrated the crypto industryICE signs $2M contract with spyware maker Paragon","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 15\u003c/strong\u003e: Juanito checks in from Virus Bulletin with news on the return of Careto/Mask, a ‘milk-carton’ APT linked to Spain. We also cover the latest controversy surrounding IDA Pro\u0026#39;s subscription model, a major new YARA update, and ongoing issues with VirusTotal\u0026#39;s value and pricing. 
The conversation shifts to North Korean cyber operations, particularly the infiltration of prominent crypto companies, Tom Rid\u0026#39;s essay on Russian disinformation results, and the US government\u0026#39;s ICE department using commercial spyware from an Israeli vendor.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://twitter.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade\u003c/a\u003e (SentinelLabs), \u003ca href=\"https://twitter.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh) and \u003ca href=\"https://twitter.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1UaVJw7KE2Bl1p1ftqiE5g_CvMXe91eqNfv1_pKAx9uY/edit?usp=sharing\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"VB abstract: The Mask has been unmasked again\" rel=\"nofollow\" href=\"https://www.virusbulletin.com/conference/vb2024/abstracts/mask-has-been-unmasked-again/\"\u003eVB abstract: The Mask has been unmasked again\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Discover IDA 9.0\" rel=\"nofollow\" href=\"https://hex-rays.com/blog/discover-ida-9.0-exciting-new-features-and-improvements\"\u003eDiscover IDA 9.0\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Binary Ninja\" rel=\"nofollow\" href=\"https://binary.ninja/\"\u003eBinary Ninja\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Vertex Synapse\" rel=\"nofollow\" href=\"https://vertex.link/synapse\"\u003eVertex Synapse\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"YARA-X\" rel=\"nofollow\" href=\"https://virustotal.github.io/yara-x/\"\u003eYARA-X\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft on Star Blizzard disruption\" 
rel=\"nofollow\" href=\"https://blogs.microsoft.com/on-the-issues/2024/10/03/protecting-democratic-institutions-from-cyber-threats/\"\u003eMicrosoft on Star Blizzard disruption\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tom Rid: The lies Russia tells itself\" rel=\"nofollow\" href=\"https://archive.ph/ZCFqK\"\u003eTom Rid: The lies Russia tells itself\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"North Korea caught targeting German missile manufacturer\" rel=\"nofollow\" href=\"https://www.securityweek.com/north-korea-hackers-linked-to-breach-of-german-missile-manufacturer/\"\u003eNorth Korea caught targeting German missile manufacturer\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How North Korea infiltrated the crypto industry\" rel=\"nofollow\" href=\"https://www.coindesk.com/tech/2024/10/02/how-north-korea-infiltrated-the-crypto-industry/\"\u003eHow North Korea infiltrated the crypto industry\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ICE signs $2M contract with spyware maker Paragon\" rel=\"nofollow\" href=\"https://archive.ph/nCEjT\"\u003eICE signs $2M contract with spyware maker Paragon\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 15: Juanito checks in from Virus Bulletin with news on the return of Careto/Mask, a ‘milk-carton’ APT linked to Spain. We also cover the latest controversy surrounding IDA Pro's subscription model, a major new YARA update, and ongoing issues with VirusTotal's value and pricing. 
The conversation shifts to North Korean cyber operations, particularly the infiltration of prominent crypto companies, Tom Rid's essay on Russian disinformation results, and the US government's ICE department using commercial spyware from an Israeli vendor.\r\n\r\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).","date_published":"2024-10-04T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/dae2bdfe-9bc3-41af-88f1-c41782d35f84.mp3","mime_type":"audio/mpeg","size_in_bytes":73939478,"duration_in_seconds":5438}]},{"id":"7bd21833-9dcc-4396-a991-be2d3271f727","title":"Exploding beepers, critical CUPS flaws, Windows Recall rebuilt for security","url":"https://securityconversations.fireside.fm/tbp-ep14","content_text":"Three Buddy Problem - Episode 14: The buddies are back together for a discussion on Juan’s LABScon keynote and mental health realities, Microsoft rewriting the Windows Recall security architecture, a new CVSS 9.9 Linux CUPS flaw, Kaspersky's controversial transition to Ultra AV, and the intelligence operations surrounding exploding pagers in Lebanon.\n\n(This episode is dedicated to the memory of Jeff Wade from Solis, who was an important part of the LABScon family.)\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:The Consolation of Threat Intel (JAG-S LABScon keynote)LABScon - Security Research in Real TimeWindows Recall gets major security makeoverDavid Weston on Windows Recall security rebootCritical Linux CUPS remote code execution How Israel Built Exploding Pagers — How Israel Built a Modern-Day Trojan Horse: Exploding PagersApple Suddenly Drops NSO Group Spyware LawsuitCrowdStrike Overhauls Testing and Rollout ProceduresMicrosoft Redesigning EDR Vendor Access to Windows Kernel - SecurityWeekKaspersky Sparks Outrage as UltraAV Takes Over Systems Without 
ConsentTranscript (unedited, AI-generated)","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 14\u003c/strong\u003e: The buddies are back together for a discussion on Juan’s LABScon keynote and mental health realities, Microsoft rewriting the Windows Recall security architecture, a new CVSS 9.9 Linux CUPS flaw, Kaspersky\u0026#39;s controversial transition to Ultra AV, and the intelligence operations surrounding exploding pagers in Lebanon.\u003c/p\u003e\n\n\u003cp\u003e(\u003cem\u003eThis episode is dedicated to the memory of Jeff Wade from Solis, who was an important part of the LABScon family.\u003c/em\u003e)\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"The Consolation of Threat Intel (JAG-S LABScon keynote)\" rel=\"nofollow\" href=\"https://securityconversations.com/episode/ep13-the-consolation-of-threat-intel-jag-s-labscon-keynote/\"\u003eThe Consolation of Threat Intel (JAG-S LABScon keynote)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon - Security Research in Real Time\" rel=\"nofollow\" href=\"https://www.labscon.io/\"\u003eLABScon - Security Research in Real Time\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Windows Recall gets major security makeover\" rel=\"nofollow\" href=\"https://www.securityweek.com/microsofts-controversial-recall-returns-with-proof-of-presence-encryption-data-isolation-opt-in-model/\"\u003eWindows Recall gets major security makeover\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"David Weston on Windows Recall security reboot\" rel=\"nofollow\" href=\"https://blogs.windows.com/windowsexperience/2024/09/27/update-on-recall-security-and-privacy-architecture/\"\u003eDavid Weston on Windows Recall security 
reboot\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Critical Linux CUPS remote code execution \" rel=\"nofollow\" href=\"https://www.theregister.com/2024/09/26/cups_linux_rce_disclosed/\"\u003eCritical Linux CUPS remote code execution \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How Israel Built Exploding Pagers\" rel=\"nofollow\" href=\"https://archive.ph/kKDVy\"\u003eHow Israel Built Exploding Pagers\u003c/a\u003e \u0026mdash; How Israel Built a Modern-Day Trojan Horse: Exploding Pagers\u003c/li\u003e\u003cli\u003e\u003ca title=\"Apple Suddenly Drops NSO Group Spyware Lawsuit\" rel=\"nofollow\" href=\"https://www.securityweek.com/apple-suddenly-drops-nso-group-spyware-lawsuit/\"\u003eApple Suddenly Drops NSO Group Spyware Lawsuit\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CrowdStrike Overhauls Testing and Rollout Procedures\" rel=\"nofollow\" href=\"https://www.securityweek.com/crowdstrike-overhauls-testing-and-rollout-procedures-to-avoid-bsod-crashes/\"\u003eCrowdStrike Overhauls Testing and Rollout Procedures\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Redesigning EDR Vendor Access to Windows Kernel - SecurityWeek\" rel=\"nofollow\" href=\"https://www.securityweek.com/post-crowdstrike-fallout-microsoft-redesigning-edr-vendor-access-to-windows-kernel/\"\u003eMicrosoft Redesigning EDR Vendor Access to Windows Kernel - SecurityWeek\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kaspersky Sparks Outrage as UltraAV Takes Over Systems Without Consent\" rel=\"nofollow\" href=\"https://www.securityweek.com/users-quick-to-remove-ultraav-after-silent-transition-from-kaspersky-antivirus/\"\u003eKaspersky Sparks Outrage as UltraAV Takes Over Systems Without Consent\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" 
href=\"https://docs.google.com/document/d/10P5vAvj_MQplH8XPtYKr6mGuNVhPjxZePgI5y4cKPBw/edit#heading=h.rbgx0o903h7o\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 14: The buddies are back together for a discussion on Juan’s LABScon keynote and mental health realities, Microsoft rewriting the Windows Recall security architecture, a new CVSS 9.9 Linux CUPS flaw, Kaspersky's controversial transition to Ultra AV, and the intelligence operations surrounding exploding pagers in Lebanon.\r\n\r\nThis episode is dedicated to the memory of Jeff Wade from Solis, who was an important part of the LABScon family.\r\n\r\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).","date_published":"2024-09-28T12:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/7bd21833-9dcc-4396-a991-be2d3271f727.mp3","mime_type":"audio/mpeg","size_in_bytes":63398046,"duration_in_seconds":4747}]},{"id":"6ceedb7b-2400-45e2-8798-027400574c18","title":"Ep13: The Consolation of Threat Intel (JAG-S LABScon keynote)","url":"https://securityconversations.fireside.fm/tbp-ep13","content_text":"Three Buddy Problem - Episode 13: This is a special edition of the show, featuring Juan Andres Guerrero-Saade's full keynote day remarks at LABScon2024. In this talk, Juanito addresses the current state of the threat intelligence industry, expressing a need for a difficult conversation about its direction and purpose. He discusses feelings of disenfranchisement among professionals, the void in meaningful work, and the importance of reclaiming control and value in cybersecurity. Juan emphasizes the need for researchers, journalists, and even VCs, to be the change to reinvigorate the industry and ensure its relevance and impact.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs). 
Costin Raiu and Ryan Naraine are listening to this episode.Links:LABScon 2024J. A. Guerrero-Saade on Twitter","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 13\u003c/strong\u003e: This is a special edition of the show, featuring Juan Andres Guerrero-Saade\u0026#39;s full keynote day remarks at LABScon2024. In this talk, Juanito addresses the current state of the threat intelligence industry, expressing a need for a difficult conversation about its direction and purpose. He discusses feelings of disenfranchisement among professionals, the void in meaningful work, and the importance of reclaiming control and value in cybersecurity. Juan emphasizes the need for researchers, journalists, and even VCs, to be the change to reinvigorate the industry and ensure its relevance and impact.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e Juan Andres Guerrero-Saade (SentinelLabs). Costin Raiu and Ryan Naraine are listening to this episode.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"LABScon 2024\" rel=\"nofollow\" href=\"https://www.labscon.io/\"\u003eLABScon 2024\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"J. A. Guerrero-Saade on Twitter\" rel=\"nofollow\" href=\"https://x.com/juanandres_gs\"\u003eJ. A. Guerrero-Saade on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem Episode 13: This is a special edition of the show, featuring Juan Andres Guerrero-Saade's full keynote day remarks at LABScon2024. In this talk, Juanito addresses the current state of the threat intelligence industry, expressing a need for a difficult conversation about its direction and purpose. He discusses feelings of disenfranchisement among professionals, the void in meaningful work, and the importance of reclaiming control and value in cybersecurity. 
Juan emphasizes the need for researchers, journalists, and even VCs, to be the change to reinvigorate the industry and ensure its relevance and impact.\r\n\r\nCast: Juan Andres Guerrero-Saade (SentinelLabs). Costin Raiu and Ryan Naraine are listening to this episode.","date_published":"2024-09-21T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/6ceedb7b-2400-45e2-8798-027400574c18.mp3","mime_type":"audio/mpeg","size_in_bytes":30869148,"duration_in_seconds":1901}]},{"id":"ffff9da7-62a5-420f-9de7-6ff155b11720","title":"Ep12: Security use-cases for AI chain-of-thought reasoning","url":"https://securityconversations.fireside.fm/chain-of-thoughtreasoningcomestoai","content_text":"Three Buddy Problem - Episode 12: Gabriel Bernadett-Shapiro joins the show for an extended conversation on artificial intelligence and cybersecurity. We discuss the hype around OpenAI's new o1 model, AI chain-of-thought reasoning and security use-cases, pervasive chatbots and privacy concerns, and the ongoing debate between open source and closed source AI models.\n\nCast: Gabriel Bernadett-Shapiro , Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek). \n\n\nCostin Raiu is on vacation.\nLinks:TranscriptGabe Bernadett-Shapiro at the Alperovitch InstituteIntroducing OpenAI o1OpenAI's o1 model 'cheated' on an impossible testOpenAI o1 System CardLearning to Reason with LLMsLABScon 2024 Full Agenda","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 12\u003c/strong\u003e: Gabriel Bernadett-Shapiro joins the show for an extended conversation on artificial intelligence and cybersecurity. 
We discuss the hype around OpenAI\u0026#39;s new o1 model, AI chain-of-thought reasoning and security use-cases, pervasive chatbots and privacy concerns, and the ongoing debate between open source and closed source AI models.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://x.com/Gabeincognito\" rel=\"nofollow\"\u003e Gabriel Bernadett-Shapiro \u003c/a\u003e , \u003ca href=\"https://x.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade \u003c/a\u003e(SentinelLabs), \u003ca href=\"https://x.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek). \u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eCostin Raiu is on vacation.\u003c/li\u003e\n\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1VBfGw5k6ed8rjQgA-aCRKdVNIBArxA-33FvxjOVZVHY/edit?usp=sharing\"\u003eTranscript\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Gabe Bernadett-Shapiro at the Alperovitch Institute\" rel=\"nofollow\" href=\"https://alperovitch.sais.jhu.edu/diving-into-the-world-of-ai-machine-learning-w-gabriel-bernadett-shapiro/\"\u003eGabe Bernadett-Shapiro at the Alperovitch Institute\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introducing OpenAI o1\" rel=\"nofollow\" href=\"https://openai.com/index/introducing-openai-o1-preview/\"\u003eIntroducing OpenAI o1\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"OpenAI\u0026#39;s o1 model \u0026#39;cheated\u0026#39; on an impossible test\" rel=\"nofollow\" href=\"https://www.tomsguide.com/ai/chatgpt/openais-new-chatgpt-o1-model-cheated-on-an-impossible-test-heres-what-happened\"\u003eOpenAI\u0026#39;s o1 model \u0026#39;cheated\u0026#39; on an impossible test\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"OpenAI o1 System Card\" rel=\"nofollow\" 
href=\"https://assets.ctfassets.net/kftzwdyauwt9/67qJD51Aur3eIc96iOfeOP/71551c3d223cd97e591aa89567306912/o1_system_card.pdf\"\u003eOpenAI o1 System Card\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Learning to Reason with LLMs\" rel=\"nofollow\" href=\"https://openai.com/index/learning-to-reason-with-llms/\"\u003eLearning to Reason with LLMs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon 2024 Full Agenda\" rel=\"nofollow\" href=\"https://events.sentinelone.com/event/LABScon2024/websitePage:9107aab7-3c7b-47d0-bad4-4f85cf7fcecd\"\u003eLABScon 2024 Full Agenda\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem - Episode 12: Gabriel Bernadett-Shapiro joins the show for an extended conversation on artificial intelligence and cybersecurity. We discuss the hype around OpenAI's new o1 model, AI chain-of-thought reasoning and security use-cases, pervasive chatbots and privacy concerns, and the ongoing debate between open source and closed source AI models.\r\n\r\nCast: Gabriel Bernadett-Shapiro, Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)\r\n\r\n* Costin Raiu is on vacation.","date_published":"2024-09-14T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/ffff9da7-62a5-420f-9de7-6ff155b11720.mp3","mime_type":"audio/mpeg","size_in_bytes":60684575,"duration_in_seconds":4460}]},{"id":"f6139b28-a754-4280-9c11-a9de522d2348","title":"Ep11: Cyberwarfare takes an ominous turn","url":"https://securityconversations.fireside.fm/cyberwarfare-takes-an-ominous-turn","content_text":"Three Buddy Problem - Episode 11: Russia's notorious GRU Unit 29155 (previously tied to assassinations, poisonings and coup attempts) now blamed for destructive cyberattacks for sabotage; FBI and DOJ take down 'Doppelganger' network spreading Russian propaganda; CISA's budget, staff, advisories and YARA rules; Influence Operations 2.0; prolific Chinese hackers 
and global bug-disclosure implications; North Korean hacking capabilities and 0day expertise.\n\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)Links:Transcript (unedited)CISA advisory on GRU Unit 29155 — Russian Military Cyber Actors Target US and Global Critical InfrastructureRussian Military Unit Tied to Assassinations Caught Doing Cyber SabotageDoppelganger takedownU.S. says Russian bots, RT operatives interfere in electionsOutsized Impact of a Few Chinese HackersKorean zero-day discoveryNorth Korea caught exploiting Chromium zero-day#LABScon24 Agenda","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 11\u003c/strong\u003e: Russia\u0026#39;s notorious GRU Unit 29155 (previously tied to assassinations, poisonings and coup attempts) now blamed for destructive cyberattacks for sabotage; FBI and DOJ take down \u0026#39;Doppelganger\u0026#39; network spreading Russian propaganda; CISA\u0026#39;s budget, staff, advisories and YARA rules; Influence Operations 2.0; prolific Chinese hackers and global bug-disclosure implications; North Korean hacking capabilities and 0day expertise.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eCast:\u003c/strong\u003e \u003ca href=\"https://x.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade \u003c/a\u003e(SentinelLabs), \u003ca href=\"https://x.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh), \u003ca href=\"https://x.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek)\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1jCRDYi37JVCLOSjO8WR15qxuH6PNacAwjTD7Xs8jblg/edit#heading=h.r1e6eglcl8gr\"\u003eTranscript (unedited)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CISA advisory on GRU Unit 29155\" rel=\"nofollow\" 
href=\"https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a\"\u003eCISA advisory on GRU Unit 29155\u003c/a\u003e \u0026mdash; Russian Military Cyber Actors Target US and Global Critical Infrastructure\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russian Military Unit Tied to Assassinations Caught Doing Cyber Sabotage\" rel=\"nofollow\" href=\"https://www.securityweek.com/russian-gru-unit-tied-to-assassinations-linked-to-global-cyber-sabotage-and-espionage/\"\u003eRussian Military Unit Tied to Assassinations Caught Doing Cyber Sabotage\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Doppelganger takedown\" rel=\"nofollow\" href=\"https://www.justice.gov/opa/pr/justice-department-disrupts-covert-russian-government-sponsored-foreign-malign-influence\"\u003eDoppelganger takedown\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"U.S. says Russian bots, RT operatives interfere in elections\" rel=\"nofollow\" href=\"https://www.npr.org/2024/09/04/nx-s1-5100329/us-russia-election-interference-bots-2024\"\u003eU.S. 
says Russian bots, RT operatives interfere in elections\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Outsized Impact of a Few Chinese Hackers\" rel=\"nofollow\" href=\"https://warontherocks.com/2024/09/from-world-champions-to-state-assets-the-outsized-impact-of-a-few-chinese-hackers/\"\u003eOutsized Impact of a Few Chinese Hackers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Korean zero-day discovery\" rel=\"nofollow\" href=\"https://www.welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office/\"\u003eKorean zero-day discovery\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"North Korea caught exploiting Chromium zero-day\" rel=\"nofollow\" href=\"https://www.microsoft.com/en-us/security/blog/2024/08/30/north-korean-threat-actor-citrine-sleet-exploiting-chromium-zero-day/\"\u003eNorth Korea caught exploiting Chromium zero-day\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"#LABScon24 Agenda\" rel=\"nofollow\" href=\"https://s1.ai/agenda24\"\u003e#LABScon24 Agenda\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem - Episode 11: Russia's notorious GRU Unit 29155 (previously tied to assassinations, poisonings and coup attempts) now blamed for destructive cyberattacks for sabotage; FBI and DOJ take down 'Doppelganger' network spreading Russian propaganda; CISA's budget, staff, advisories and YARA rules; Influence Operations 2.0; prolific Chinese hackers and global bug-disclosure implications; North Korean hacking capabilities and 0day expertise.\r\n\r\nCast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine 
(SecurityWeek)","date_published":"2024-09-06T01:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/f6139b28-a754-4280-9c11-a9de522d2348.mp3","mime_type":"audio/mpeg","size_in_bytes":59083969,"duration_in_seconds":4513}]},{"id":"a8b95520-0c50-46d8-bc16-25bbab115bb9","title":"Ep10: Volt Typhoon zero-day, Russia's APT29 reusing spyware exploits, Pavel Durov's arrest","url":"https://securityconversations.fireside.fm/tbp-ep10","content_text":"Three Buddy Problem - Episode 10: Top stories this week -- Volt Typhoon zero-day exploitation of Versa Director servers, Chinese APT building botnets with EOL routers, the gap in security solutions for network devices and appliances, Russia's APT29 (Midnight Blizzard) caught reusing exploits from NSO Group and Intellexa, Microsoft’s upcoming Windows endpoint security summit in response to the CrowdStrike incident, and the arrest of Telegram’s Pavel Durov in France. Plus, the NSA is launching a podcast.\n\nHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)Links:Transcript (unedited)China's Volt Typhoon Exploiting Zero-Day in Servers Used by ISPs, MSPsVersa Director Zero-Day Exploitation - Black Lotus LabsCVE-2024-39717 – Versa Director Dangerous File Type Upload VulnerabilityGoogle TAG: APT29 using same exploits as Intellexa, NSO GroupRussia's APT29 Reusing Exploits From Spyware MerchantsOfficial Pavel Durov charges (PDF)WSJ: Pavel Durov's iPhone was hacked by France, UAEMicrosoft Calls EDR SummitNSA to Launch ‘No Such Podcast’LABScon 2024 SpeakersAPT29 / Midnight Blizzard","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 10\u003c/strong\u003e: Top stories this week -- Volt Typhoon zero-day exploitation of Versa Director servers, Chinese APT building botnets with EOL routers, the gap in security solutions for network devices and appliances, Russia\u0026#39;s APT29 (Midnight Blizzard) 
caught reusing exploits from NSO Group and Intellexa, Microsoft’s upcoming Windows endpoint security summit in response to the CrowdStrike incident, and the arrest of Telegram’s Pavel Durov in France. Plus, the NSA is launching a podcast.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eHosts:\u003c/strong\u003e \u003ca href=\"https://x.com/craiu\" rel=\"nofollow\"\u003eCostin Raiu\u003c/a\u003e (Art of Noh), \u003ca href=\"https://x.com/juanandres_gs\" rel=\"nofollow\"\u003eJuan Andres Guerrero-Saade \u003c/a\u003e(SentinelLabs), \u003ca href=\"https://x.com/ryanaraine\" rel=\"nofollow\"\u003eRyan Naraine\u003c/a\u003e (SecurityWeek)\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1Ke2F-qUJpxb6Mnx7wOFYeteoZqfDs_bPqg0jXAyXtGU/edit#heading=h.roy1ekwa04iz\"\u003eTranscript (unedited)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"China\u0026#39;s Volt Typhoon Exploiting Zero-Day in Servers Used by ISPs, MSPs\" rel=\"nofollow\" href=\"https://www.securityweek.com/chinese-apt-volt-typhoon-caught-exploiting-versa-networks-sd-wan-zero-day/\"\u003eChina\u0026#39;s Volt Typhoon Exploiting Zero-Day in Servers Used by ISPs, MSPs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Versa Director Zero-Day Exploitation - Black Lotus Labs\" rel=\"nofollow\" href=\"https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/\"\u003eVersa Director Zero-Day Exploitation - Black Lotus Labs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CVE-2024-39717 – Versa Director Dangerous File Type Upload Vulnerability\" rel=\"nofollow\" href=\"https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability/\"\u003eCVE-2024-39717 – Versa Director Dangerous File Type Upload Vulnerability\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca 
title=\"Google TAG: APT29 using same exploits as Intellexa, NSO Group\" rel=\"nofollow\" href=\"https://blog.google/threat-analysis-group/state-backed-attackers-and-commercial-surveillance-vendors-repeatedly-use-the-same-exploits/\"\u003eGoogle TAG: APT29 using same exploits as Intellexa, NSO Group\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russia\u0026#39;s APT29 Reusing Exploits From Spyware Merchants\" rel=\"nofollow\" href=\"https://www.securityweek.com/google-catches-russian-apt-re-using-exploits-from-spyware-merchants-nso-group-intellexa/\"\u003eRussia\u0026#39;s APT29 Reusing Exploits From Spyware Merchants\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Official Pavel Durov charges (PDF)\" rel=\"nofollow\" href=\"https://www.tribunal-de-paris.justice.fr/sites/default/files/2024-08/2024-08-26%20-%20CP%20TELEGRAM%20.pdf\"\u003eOfficial Pavel Durov charges (PDF)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"WSJ: Pavel Durov\u0026#39;s iPhone was hacked by France, UAE\" rel=\"nofollow\" href=\"https://archive.ph/FFPt2\"\u003eWSJ: Pavel Durov\u0026#39;s iPhone was hacked by France, UAE\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Calls EDR Summit\" rel=\"nofollow\" href=\"https://blogs.windows.com/windowsexperience/2024/08/23/microsoft-to-host-windows-endpoint-security-ecosystem-summit-in-september/\"\u003eMicrosoft Calls EDR Summit\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NSA to Launch ‘No Such Podcast’\" rel=\"nofollow\" href=\"https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/article/3888139/nsa-to-launch-no-such-podcast-pulling-back-curtain-on-mission-culture-people/\"\u003eNSA to Launch ‘No Such Podcast’\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon 2024 Speakers\" rel=\"nofollow\" href=\"https://www.labscon.io/speakers/\"\u003eLABScon 2024 Speakers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"APT29 / Midnight Blizzard\" 
rel=\"nofollow\" href=\"https://malpedia.caad.fkie.fraunhofer.de/actor/apt29\"\u003eAPT29 / Midnight Blizzard\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Three Buddy Problem - Episode 10 -- Top stories this week: Volt Typhoon zero-day exploitation of Versa Director servers, Chinese APT building botnets with EOL routers, the gap in security solutions for network devices and appliances, Russia's APT29 (Midnight Blizzard) caught reusing exploits from NSO Group and Intellexa, Microsoft’s upcoming Windows endpoint security summit in response to the CrowdStrike incident, and the arrest of Telegram’s Pavel Durov in France. Plus, the NSA is launching a podcast.\r\n\r\nHosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)","date_published":"2024-08-30T11:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/a8b95520-0c50-46d8-bc16-25bbab115bb9.mp3","mime_type":"audio/mpeg","size_in_bytes":60633397,"duration_in_seconds":4717}]},{"id":"7e54af0b-f1c0-4741-8b5c-e90eddd617b7","title":"Ep9: The blurring lines between nation-state APTs and the ransomware epidemic","url":"https://securityconversations.fireside.fm/tbp-ep9","content_text":"Three Buddy Problem - Episode 9: On this episode, we look at the hacking scene in Taiwan, the sad state of visibility into big malware campaigns, the absence of APTs linked to the prolific MIVD Dutch intelligence agency, the blurring lines between big ransomware heists and nation-state actors caught using ransomware as a tool for sabotage and misattribution. 
\n\nPlus, Chinese mobile OS vendor Xiaomi caught disabling parts of its infrastructure -- including its global app store -- to thwart Pwn2Own contestants; and news of an addition to the LABScon 2024 keynote stage.\n\nHosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)Links:WSJ: The Real Story of the Nord Stream Pipeline SabotageMIVD - The Little Spy Agency That CanIran behind Trump campaign hackXiaomi Caught Patching, Unpatching Pwn2Own RCE VulnDakota Cary on Xiaomi Pwn2Own patch shenanigansTranscript (unedited)Territorial Dispute by Boldi","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 9\u003c/strong\u003e: On this episode, we look at the hacking scene in Taiwan, the sad state of visibility into big malware campaigns, the absence of APTs linked to the prolific MIVD Dutch intelligence agency, the blurring lines between big ransomware heists and nation-state actors caught using ransomware as a tool for sabotage and misattribution. 
\u003c/p\u003e\n\n\u003cp\u003ePlus, Chinese mobile OS vendor Xiaomi caught disabling parts of its infrastructure -- including its global app store -- to thwart Pwn2Own contestants; and news of an addition to the LABScon 2024 keynote stage.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eHosts:\u003c/strong\u003e Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"WSJ: The Real Story of the Nord Stream Pipeline Sabotage\" rel=\"nofollow\" href=\"https://archive.ph/TR92c\"\u003eWSJ: The Real Story of the Nord Stream Pipeline Sabotage\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"MIVD - The Little Spy Agency That Can\" rel=\"nofollow\" href=\"https://www.spytalk.co/p/the-little-spy-agency-that-can\"\u003eMIVD - The Little Spy Agency That Can\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Iran behind Trump campaign hack\" rel=\"nofollow\" href=\"https://www.reuters.com/world/trump-campaigns-iranian-hackers-have-dangerous-history-deep-expertise-2024-08-23/\"\u003eIran behind Trump campaign hack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Xiaomi Caught Patching, Unpatching Pwn2Own RCE Vuln\" rel=\"nofollow\" href=\"https://hackhunting.com/2024/08/22/xiaomi-patched-an-rce-vulnerability-before-pwn2own-toronto-2023-and-removed-the-patch-afterwards/\"\u003eXiaomi Caught Patching, Unpatching Pwn2Own RCE Vuln\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dakota Cary on Xiaomi Pwn2Own patch shenanigans\" rel=\"nofollow\" href=\"https://x.com/dakotaindc/status/1826774594159849586?s=46\u0026amp;t=ePKy91eN-ionB9LpDaBXcA\"\u003eDakota Cary on Xiaomi Pwn2Own patch shenanigans\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1l51jwxKqG3mPAe646xgu7PlbqxLee8hIf3CvuHv1lkI/edit?usp=sharing\"\u003eTranscript 
(unedited)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Territorial Dispute by Boldi\" rel=\"nofollow\" href=\"https://www.crysys.hu/publications/files/tedi/ukatemicrysys_territorialdispute.pdf\"\u003eTerritorial Dispute by Boldi\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The 'Three Buddy Problem' Podcast Episode 9: On this episode, we look at the hacking scene in Taiwan, the sad state of visibility into big malware campaigns, the absence of APTs linked to the prolific MIVD Dutch intelligence agency, the blurring lines between big ransomware heists and nation-state actors caught using ransomware as a tool for sabotage and misattribution. \r\n\r\nPlus, Chinese mobile OS vendor Xiaoimi caught disabling parts of its infrastructure -- including its global app store -- to thwart Pwn2Own contestants; and news of an addition to the LABScon 2024 keynote stage.\r\n\r\nHosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)","date_published":"2024-08-23T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/7e54af0b-f1c0-4741-8b5c-e90eddd617b7.mp3","mime_type":"audio/mpeg","size_in_bytes":57472403,"duration_in_seconds":3976}]},{"id":"41525c06-937d-4766-8bb0-e94c8a297650","title":"Ep8: Microsoft's zero-days and a wormable Windows TCP/IP flaw known to China","url":"https://securityconversations.fireside.fm/tbp-ep8","content_text":"Three Buddy Problem - Episode 8: This week’s show digs into Microsoft’s in-the-wild zero-day woes, Patch Tuesday and the absence of IOCs, a wormable Windows TCP/IP flaw that the Chinese government knew about for months, Iran’s aggressive hacking US election targets, CrowdStrike v Qihoo360 and major problems with APT naming conventions.\n\nHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)Links:Episode 8 TranscriptSix Windows Zero-Days Being Actively 
ExploitedCVE-2024-38063 - Windows Ping of DeathWormable TCP/IP flaw known to China — Chinese researcher Xiao Wei of Cyber KunLun said he discovered the vulnerability “several months ago.” Google TAG: Iran steps hacking against Israel, U.S.Microsoft report on Iran election hackingQihoo claims CrowdStrike bug exploitableCrowdStrike root cause analysisLABScon - Speakers 2024","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 8\u003c/strong\u003e: This week’s show digs into Microsoft’s in-the-wild zero-day woes, Patch Tuesday and the absence of IOCs, a wormable Windows TCP/IP flaw that the Chinese government knew about for months, Iran’s aggressive hacking US election targets, CrowdStrike v Qihoo360 and major problems with APT naming conventions.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eHosts:\u003c/strong\u003e Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Episode 8 Transcript\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1zhmvqqWPnK7FLZK38LWGBKm2u29leNXiVESA9mBtrns/edit#heading=h.79ibg3a5rrr7\"\u003eEpisode 8 Transcript\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Six Windows Zero-Days Being Actively Exploited\" rel=\"nofollow\" href=\"https://www.securityweek.com/microsoft-warns-of-six-windows-zero-days-being-actively-exploited/\"\u003eSix Windows Zero-Days Being Actively Exploited\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CVE-2024-38063 - Windows Ping of Death\" rel=\"nofollow\" href=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063\"\u003eCVE-2024-38063 - Windows Ping of Death\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wormable TCP/IP flaw known to China\" rel=\"nofollow\" href=\"https://www.securityweek.com/zero-click-exploit-concerns-drive-urgent-patching-of-windows-tcp-ip-flaw/\"\u003eWormable TCP/IP flaw known 
to China\u003c/a\u003e \u0026mdash; Chinese researcher Xiao Wei of Cyber KunLun said he discovered the vulnerability “several months ago.” \u003c/li\u003e\u003cli\u003e\u003ca title=\"Google TAG: Iran steps hacking against Israel, U.S.\" rel=\"nofollow\" href=\"https://blog.google/threat-analysis-group/iranian-backed-group-steps-up-phishing-campaigns-against-israel-us/\"\u003eGoogle TAG: Iran steps hacking against Israel, U.S.\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft report on Iran election hacking\" rel=\"nofollow\" href=\"https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/5bc57431-a7a9-49ad-944d-b93b7d35d0fc.pdf\"\u003eMicrosoft report on Iran election hacking\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Qihoo claims CrowdStrike bug exploitable\" rel=\"nofollow\" href=\"https://mp-weixin-qq-com.translate.goog/s/uD7mhzyRSX1dTW-TMg4UhQ?_x_tr_sl=auto\u0026amp;_x_tr_tl=en\u0026amp;_x_tr_hl=en\u0026amp;_x_tr_pto=wapp\"\u003eQihoo claims CrowdStrike bug exploitable\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CrowdStrike root cause analysis\" rel=\"nofollow\" href=\"https://www.crowdstrike.com/wp-content/uploads/2024/08/Channel-File-291-Incident-Root-Cause-Analysis-08.06.2024.pdf\"\u003eCrowdStrike root cause analysis\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon - Speakers 2024\" rel=\"nofollow\" href=\"https://www.labscon.io/speakers/\"\u003eLABScon - Speakers 2024\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The 'Three Buddy Problem' Podcast Episode 8: This week’s show digs into Microsoft’s in-the-wild zero-day woes, Patch Tuesday and the absence of IOCs, a wormable Windows TCP/IP flaw that the Chinese government knew about for months, Iran’s aggressive hacking US election targets, CrowdStrike v Qihoo360 and major problems with APT naming conventions.\r\n\r\nHosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art 
of Noh), Ryan Naraine (SecurityWeek)","date_published":"2024-08-17T04:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/41525c06-937d-4766-8bb0-e94c8a297650.mp3","mime_type":"audio/mpeg","size_in_bytes":62622049,"duration_in_seconds":4665}]},{"id":"644134aa-4795-434a-8b2d-9a748cab7561","title":"Ep7: Crowd2K and the kernel, PKFail supply chain failures, Paris trains sabotage and Russian Olympic attacks","url":"https://securityconversations.fireside.fm/tbp-ep7","content_text":"Three Buddy Problem - Episode 7: In this episode, we try to close the book on the CrowdStrike Windows BSOD story, Microsoft VP David Weston’s technical documentation and issues around kernel access and OS resilience. We also discuss Binarly’s PKFail research, secure boot bypasses, Dan Geer and tech monoculture, software vendor liability issues and the need for inspectability in security mechanisms.\n\nThe conversation explores cyber angles to train service disruptions in Paris, the history of cyber operations targeting the Olympics, the lack of public acknowledgment and attribution of cyber operations by Western intelligence agencies, and the importance of transparency and case studies in understanding and discussing cyber operations.\n\nHosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)Links:Episode TranscriptMicrosoft VP David Weston on CrowdStrike issueDelta seeking damages from CrowdStrike, MicrosoftWealthy Russian With Kremlin Ties Gets 9 Years in Prison for Hacking and Insider Trading SchemeIndustroyerCountdown to Zero Day: Stuxnet and the Launch of the World's First Digital WeaponLABScon SpeakersLivestream from DEFCON 32","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 7\u003c/strong\u003e: In this episode, we try to close the book on the CrowdStrike Windows BSOD story, Microsoft VP David Weston’s technical documentation and issues around 
kernel access and OS resilience. We also discuss Binarly’s PKFail research, secure boot bypasses, Dan Geer and tech monoculture, software vendor liability issues and the need for inspectability in security mechanisms.\u003c/p\u003e\n\n\u003cp\u003eThe conversation explores cyber angles to train service disruptions in Paris, the history of cyber operations targeting the Olympics, the lack of public acknowledgment and attribution of cyber operations by Western intelligence agencies, and the importance of transparency and case studies in understanding and discussing cyber operations.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eHosts:\u003c/strong\u003e Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Episode Transcript\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1Xbor_CopwaQiZpInKRXNnyf5CF80bInYP1Yvl_2-wQ0/edit?usp=sharing\"\u003eEpisode Transcript\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft VP David Weston on CrowdStrike issue\" rel=\"nofollow\" href=\"https://www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-tools/\"\u003eMicrosoft VP David Weston on CrowdStrike issue\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Delta seeking damages from CrowdStrike, Microsoft\" rel=\"nofollow\" href=\"https://www.cnbc.com/2024/07/29/delta-hires-david-boies-to-seek-damages-from-crowdstrike-microsoft-.html\"\u003eDelta seeking damages from CrowdStrike, Microsoft\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wealthy Russian With Kremlin Ties Gets 9 Years in Prison for Hacking and Insider Trading Scheme\" rel=\"nofollow\" href=\"https://www.securityweek.com/wealthy-russian-with-kremlin-ties-gets-9-years-in-prison-for-hacking-and-insider-trading-scheme/\"\u003eWealthy Russian With Kremlin Ties Gets 9 Years in 
Prison for Hacking and Insider Trading Scheme\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Industroyer\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Industroyer\"\u003eIndustroyer\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Countdown to Zero Day: Stuxnet and the Launch of the World\u0026#39;s First Digital Weapon\" rel=\"nofollow\" href=\"https://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/0770436196\"\u003eCountdown to Zero Day: Stuxnet and the Launch of the World\u0026#39;s First Digital Weapon\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon Speakers\" rel=\"nofollow\" href=\"https://www.labscon.io/speakers/\"\u003eLABScon Speakers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Livestream from DEFCON 32\" rel=\"nofollow\" href=\"https://bishopfox.com/defcon-32-livestream\"\u003eLivestream from DEFCON 32\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The 'Three Buddy Problem' Podcast Episode 7: In this episode, we try to close the book on the CrowdStrike Windows BSOD story, Microsoft VP David Weston’s technical documentation and issues around kernel access and OS resilience. 
We also discuss Binarly’s PKFail research, secure boot bypasses, Dan Geer and tech monoculture, software vendor liability issues and the need for inspectability in security mechanisms.\r\n\r\nThe conversation explores cyber angles to train service disruptions in Paris, the history of cyber operations targeting the Olympics, the lack of public acknowledgment and attribution of cyber operations by Western intelligence agencies, and the importance of transparency and case studies in understanding and discussing cyber operations.\r\n\r\nHosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)","date_published":"2024-08-02T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/644134aa-4795-434a-8b2d-9a748cab7561.mp3","mime_type":"audio/mpeg","size_in_bytes":66162188,"duration_in_seconds":4203}]},{"id":"874c67ec-26cd-4395-8713-df1b58629041","title":"Ep6: After CrowdStrike chaos, should Microsoft kick EDR agents out of Windows kernel?","url":"https://securityconversations.fireside.fm/tbp-ep6","content_text":"Three Buddy Problem - Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. 
We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel.\n\nOther topics on the show include Mandiant's attribution capabilities, North Korea’s gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit.\n\nHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)Links:Episode transcript (Unedited, AI-generated)Official CrowdStrike preliminary post-mortemMicrosoft VP David Weston on CrowdStrike outageMicrosoft VP John Cable on the path forwardMatt Suiche: Bob and Alice in Kernel-landRe-learning Lessons from the CrowdStrike OutageEp5: CrowdStrike's faulty updateMandiant Report on North Korea's APT45CISA Advisory on North Korea APT45KnowBe4 Hires North Korean Fake IT WorkerIsrael’s attempt to sway NSO/WhatsApp spyware case","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 6\u003c/strong\u003e: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. 
We also discuss Microsoft\u0026#39;s responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel.\u003c/p\u003e\n\n\u003cp\u003eOther topics on the show include Mandiant\u0026#39;s attribution capabilities, North Korea’s gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eHosts:\u003c/strong\u003e Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Episode transcript (Unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1ulo0dHr89aShLeHG4TFScq7wErMO7KvJdGX_7oCNlH4/edit?usp=sharing\"\u003eEpisode transcript (Unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Official CrowdStrike preliminary post-mortem\" rel=\"nofollow\" href=\"https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/\"\u003eOfficial CrowdStrike preliminary post-mortem\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft VP David Weston on CrowdStrike outage\" rel=\"nofollow\" href=\"https://blogs.microsoft.com/blog/2024/07/20/helping-our-customers-through-the-crowdstrike-outage/\"\u003eMicrosoft VP David Weston on CrowdStrike outage\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft VP John Cable on the path forward\" rel=\"nofollow\" href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-resiliency-best-practices-and-the-path-forward/ba-p/4201550\"\u003eMicrosoft VP John Cable on the path forward\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Matt Suiche: Bob and Alice in Kernel-land\" rel=\"nofollow\" 
href=\"https://www.msuiche.com/posts/bob-and-alice-in-kernel-land/\"\u003eMatt Suiche: Bob and Alice in Kernel-land\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Re-learning Lessons from the CrowdStrike Outage\" rel=\"nofollow\" href=\"https://www.lutasecurity.com/post/re-learning-lessons-from-the-crowdstrike-outage\"\u003eRe-learning Lessons from the CrowdStrike Outage\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ep5: CrowdStrike\u0026#39;s faulty update\" rel=\"nofollow\" href=\"https://securityconversations.com/episode/ep5-crowdstrikes-faulty-update-shuts-down-global-networks/\"\u003eEp5: CrowdStrike\u0026#39;s faulty update\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mandiant Report on North Korea\u0026#39;s APT45\" rel=\"nofollow\" href=\"https://cloud.google.com/blog/topics/threat-intelligence/apt45-north-korea-digital-military-machine\"\u003eMandiant Report on North Korea\u0026#39;s APT45\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CISA Advisory on North Korea APT45\" rel=\"nofollow\" href=\"https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-207a\"\u003eCISA Advisory on North Korea APT45\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"KnowBe4 Hires North Korean Fake IT Worker\" rel=\"nofollow\" href=\"https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us\"\u003eKnowBe4 Hires North Korean Fake IT Worker\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Israel’s attempt to sway NSO/WhatsApp spyware case\" rel=\"nofollow\" href=\"https://securitylab.amnesty.org/latest/2024/07/israels-attempt-to-sway-whatsapp-case-casts-doubt-on-its-ability-to-deal-with-nso-spyware/?ref=news.risky.biz\"\u003eIsrael’s attempt to sway NSO/WhatsApp spyware case\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The 'Three Buddy Problem' Podcast Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig 
into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel.\r\n\r\nOther topics on the show include Mandiant's attribution capabilities, North Korea’s gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit.\r\n\r\nHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)","date_published":"2024-07-26T01:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/874c67ec-26cd-4395-8713-df1b58629041.mp3","mime_type":"audio/mpeg","size_in_bytes":71350827,"duration_in_seconds":4597}]},{"id":"85b284cc-9ab4-4a38-8a4e-9d6439345bcb","title":"Ep5: CrowdStrike's faulty update shuts down global networks","url":"https://securityconversations.fireside.fm/tbp-ep5","content_text":"Three Buddy Problem - Episode 5: Hot off the press, we dive into the news of the CrowdStrike software update that caused blue screens on computers worldwide, the resulting chaos and potential connections to the Microsoft 365 outage, the fragility of modern computing and the risks of new software paradigms.\n\nWe also discuss the AT\u0026amp;T mega-breach and the ransom paid to delete the stolen data; the challenges of ransomware and the uncertainty surrounding the deletion of stolen data; the FBI gaining access to a password-protected phone, the prices for zero-click exploits; and the resurgence of APT 41 with expanding targets.\n\nPlus, some news on upcoming keynote speakers at LabsCon 2024.\n\nHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine 
(SecurityWeek)Links:Transcript (AI-generated, unedited)CrowdStrike Statement on Falcon Content Update for Windows HostsMicrosoft-CrowdStrike blackout FAQBad CrowdStrike Update Linked to Major IT Outages WorldwideCrowdStrike CEO George Kurtz statement on TwitterAT\u0026amp;T Paid a Hacker $370,000 to Delete Stolen Phone RecordsT-Mobile Hacker Who Stole Data on 50 Million Customers: ‘Their Security Is Awful’LABScon 2024 Speakers","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 5\u003c/strong\u003e: Hot off the press, we dive into the news of the CrowdStrike software update that caused blue screens on computers worldwide, the resulting chaos and potential connections to the Microsoft 365 outage, the fragility of modern computing and the risks of new software paradigms.\u003c/p\u003e\n\n\u003cp\u003eWe also discuss the AT\u0026amp;T mega-breach and the ransom paid to delete the stolen data; the challenges of ransomware and the uncertainty surrounding the deletion of stolen data; the FBI gaining access to a password-protected phone, the prices for zero-click exploits; and the resurgence of APT 41 with expanding targets.\u003c/p\u003e\n\n\u003cp\u003ePlus, some news on upcoming keynote speakers at LabsCon 2024.\u003c/p\u003e\n\n\u003cp\u003eHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (AI-generated, unedited)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/11C0JmY7o58yPUJs7jutahdmV1-ZI-fv6bL-QhoCW8ww/edit?usp=sharing\"\u003eTranscript (AI-generated, unedited)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CrowdStrike Statement on Falcon Content Update for Windows Hosts\" rel=\"nofollow\" href=\"https://www.crowdstrike.com/blog/statement-on-falcon-content-update-for-windows-hosts/\"\u003eCrowdStrike Statement on Falcon Content Update for Windows 
Hosts\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft-CrowdStrike blackout FAQ\" rel=\"nofollow\" href=\"https://www.cnbc.com/2024/07/19/latest-live-updates-on-a-major-it-outage-spreading-worldwide.html\"\u003eMicrosoft-CrowdStrike blackout FAQ\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bad CrowdStrike Update Linked to Major IT Outages Worldwide\" rel=\"nofollow\" href=\"https://www.securityweek.com/major-outages-worldwide-linked-to-bsod-caused-by-bad-crowdstrike-update/\"\u003eBad CrowdStrike Update Linked to Major IT Outages Worldwide\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CrowdStrike CEO George Kurtz statement on Twitter\" rel=\"nofollow\" href=\"https://x.com/george_kurtz/status/1814235001745027317?s=46\u0026amp;t=ePKy91eN-ionB9LpDaBXcA\"\u003eCrowdStrike CEO George Kurtz statement on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"AT\u0026amp;T Paid a Hacker $370,000 to Delete Stolen Phone Records\" rel=\"nofollow\" href=\"https://archive.ph/hjbYB\"\u003eAT\u0026amp;T Paid a Hacker $370,000 to Delete Stolen Phone Records\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"T-Mobile Hacker Who Stole Data on 50 Million Customers: ‘Their Security Is Awful’\" rel=\"nofollow\" href=\"https://archive.ph/fClfV\"\u003eT-Mobile Hacker Who Stole Data on 50 Million Customers: ‘Their Security Is Awful’\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon 2024 Speakers\" rel=\"nofollow\" href=\"https://www.labscon.io/speakers/\"\u003eLABScon 2024 Speakers\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The 'Three Buddy Problem' Podcast Episode 5: Hot off the press, we dive into the news of the CrowdStrike software update that caused blue screens on computers worldwide, the resulting chaos and potential connections to the Microsoft 365 outage, the fragility of modern computing and the risks of new software paradigms.\r\n\r\nWe also discuss the AT\u0026T mega-breach and the 
ransom paid to delete the stolen data; the challenges of ransomware and the uncertainty surrounding the deletion of stolen data; the FBI gaining access to a password-protected phone, the prices for zero-click exploits; and the resurgence of APT 41 with expanding targets.\r\n\r\nPlus, some news on upcoming keynote speakers at LabsCon 2024.\r\n\r\nHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)","date_published":"2024-07-19T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/85b284cc-9ab4-4a38-8a4e-9d6439345bcb.mp3","mime_type":"audio/mpeg","size_in_bytes":54810148,"duration_in_seconds":3591}]},{"id":"37354ca4-8a6b-41e0-b4d6-e9ad5545cd8f","title":"Ep4: The AT\u0026T mega-breach, iPhone mercenary spyware, Microsoft zero-days","url":"https://securityconversations.fireside.fm/tbp-ep4","content_text":"Three Buddy Problem - Episode 4: The boys delve into the massive AT\u0026amp;T call logs breach, the Snowflake incidents and the notion of shared-fate/shared responsibilities; news on fresh Apple notifications about mercenary spyware on iPhones and the effectiveness of notifications for different types of controversial targets. 
Plus, thoughts on Microsoft's zero-day disclosures and useless Patch Tuesday bulletins, AI-powered disinformation campaigns, and the US government's malware sharing initiative fading away.\n\nHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek).Links:Transcript (unedited, AI-generated)AT\u0026amp;T SEC Filing on mega-breachCNN: Nearly all AT\u0026amp;T call and text records exposed in a massive breachApple warns iPhone users in 98 countries of spywareIndia targets Apple over its phone hacking notificationsHyper-V zero-day exploited in the wildLABScon Program Committee","content_html":"\u003cp\u003e\u003cstrong\u003eThree Buddy Problem - Episode 4\u003c/strong\u003e: The boys delve into the massive AT\u0026amp;T call logs breach, the Snowflake incidents and the notion of shared-fate/shared responsibilities; news on fresh Apple notifications about mercenary spyware on iPhones and the effectiveness of notifications for different types of controversial targets. 
Plus, thoughts on Microsoft\u0026#39;s zero-day disclosures and useless Patch Tuesday bulletins, AI-powered disinformation campaigns, and the US government\u0026#39;s malware sharing initiative fading away.\u003c/p\u003e\n\n\u003cp\u003eHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/11WOP_5Rx-O52K8aD5utBqi6r26ZTcwF6ncjpXTAz0to/edit\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"AT\u0026amp;T SEC Filing on mega-breach\" rel=\"nofollow\" href=\"https://www.sec.gov/Archives/edgar/data/732717/000073271724000046/t-20240506.htm\"\u003eAT\u0026amp;T SEC Filing on mega-breach\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CNN: Nearly all AT\u0026amp;T call and text records exposed in a massive breach\" rel=\"nofollow\" href=\"https://www.cnn.com/2024/07/12/business/att-customers-massive-breach/index.html\"\u003eCNN: Nearly all AT\u0026amp;T call and text records exposed in a massive breach\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Apple warns iPhone users in 98 countries of spyware\" rel=\"nofollow\" href=\"https://techcrunch.com/2024/07/10/apple-alerts-iphone-users-in-98-countries-to-mercenary-spyware-attacks/\"\u003eApple warns iPhone users in 98 countries of spyware\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"India targets Apple over its phone hacking notifications\" rel=\"nofollow\" href=\"https://archive.ph/NMBPd\"\u003eIndia targets Apple over its phone hacking notifications\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Hyper-V zero-day exploited in the wild\" rel=\"nofollow\" href=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38080\"\u003eHyper-V zero-day exploited in the 
wild\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon Program Committee\" rel=\"nofollow\" href=\"https://www.labscon.io/#program-committee\"\u003eLABScon Program Committee\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The 'Three Buddy Problem' Podcast Episode 4: Listen as the hosts delve into the massive AT\u0026T call logs breach, the Snowflake incidents and the notion of shared-fate/shared responsibilities; news on fresh Apple notifications about mercenary spyware on iPhones and the effectiveness of notifications for different types of controversial targets. Plus, thoughts on Microsoft's zero-day disclosures and useless Patch Tuesday bulletins, AI-powered disinformation campaigns, and the US government's malware sharing initiative fading away.\r\n\r\nHosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)","date_published":"2024-07-12T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/37354ca4-8a6b-41e0-b4d6-e9ad5545cd8f.mp3","mime_type":"audio/mpeg","size_in_bytes":61000643,"duration_in_seconds":4299}]},{"id":"068888b9-32ca-4c20-b8f9-d38c6e24608f","title":"Ep3: Dave Aitel joins debate on nation-state hacking responsibilities","url":"https://securityconversations.fireside.fm/tbp-ep3","content_text":"The 'Three Buddy Problem' Podcast Episode 3: Former NSA computer scientist Dave Aitel (Immunity Inc., Cordyceps Systems) joins Juan Andres Guerrero-Saade for a frank discussion on the OpenSSH unauthenticated remote code execution vulnerability and the challenges around patching and exploitation, the CISA 'secure-by-design' pledge and its impact on software vendor practices, Microsoft lobbying and the CSRB report, and changing face of government's attempts at cybersecurity regulations. 
\n\nWe discuss the disruption caused by political changes and the potential implications for cybersecurity policies, impact from the Supreme Court Chevron ruling, security regulations and the challenges of writing laws for future technology, the role of CISA and its accomplishments, the debate around offensive cyber operations and the responsibility of companies like Google in addressing vulnerabilities. \n\nThe need for clear separation between counterterrorism and espionage operations is highlighted, as well as the importance of understanding both defensive and offensive perspectives.\n\n\nCostin Raiu is on vacation.\nLinks:Transcript (unedited, AI-generated)Qualys: Remote Unauthenticated Code Execution in OpenSSH\r\nCSRB report on Microsoft hackCISA secure-by-design pledgeCCC Talk: Operation Triangulation Lawfare: Responsible Cyber OffenseGoogle: Stop Burning Counterterrorism OperationsFollow Dave Aitel on TwitterJ. A. Guerrero-Saade on TwitterCostin Raiu on TwitterFollow Ryan Naraine (@ryanaraine) on TwitterLABScon - Security Research in Real Time","content_html":"\u003cp\u003e\u003cstrong\u003eThe \u0026#39;Three Buddy Problem\u0026#39; Podcast Episode 3\u003c/strong\u003e: Former NSA computer scientist Dave Aitel (Immunity Inc., Cordyceps Systems) joins Juan Andres Guerrero-Saade for a frank discussion on the OpenSSH unauthenticated remote code execution vulnerability and the challenges around patching and exploitation, the CISA \u0026#39;secure-by-design\u0026#39; pledge and its impact on software vendor practices, Microsoft lobbying and the CSRB report, and changing face of government\u0026#39;s attempts at cybersecurity regulations. 
\u003c/p\u003e\n\n\u003cp\u003eWe discuss the disruption caused by political changes and the potential implications for cybersecurity policies, impact from the Supreme Court Chevron ruling, security regulations and the challenges of writing laws for future technology, the role of CISA and its accomplishments, the debate around offensive cyber operations and the responsibility of companies like Google in addressing vulnerabilities. \u003c/p\u003e\n\n\u003cp\u003eThe need for clear separation between counterterrorism and espionage operations is highlighted, as well as the importance of understanding both defensive and offensive perspectives.\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eCostin Raiu is on vacation.\u003c/li\u003e\n\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Transcript (unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/17AOWExBNOahaUvnpmusk3ED1n7SOYIUcN9cUTSSP5bc/edit\"\u003eTranscript (unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Qualys: Remote Unauthenticated Code Execution in OpenSSH\" rel=\"nofollow\" href=\"https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server\"\u003eQualys: Remote Unauthenticated Code Execution in OpenSSH\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"CSRB report on Microsoft hack\" rel=\"nofollow\" href=\"https://www.cisa.gov/sites/default/files/2024-04/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf\"\u003eCSRB report on Microsoft hack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CISA secure-by-design pledge\" rel=\"nofollow\" href=\"https://www.cisa.gov/sites/default/files/2024-05/CISA%20Secure%20by%20Design%20Pledge_508c.pdf\"\u003eCISA secure-by-design pledge\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CCC Talk: Operation Triangulation \" rel=\"nofollow\" 
href=\"https://www.youtube.com/watch?v=7VWNUUldBEE\u0026amp;ab_channel=auth\"\u003eCCC Talk: Operation Triangulation \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Lawfare: Responsible Cyber Offense\" rel=\"nofollow\" href=\"https://www.lawfaremedia.org/article/responsible-cyber-offense\"\u003eLawfare: Responsible Cyber Offense\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google: Stop Burning Counterterrorism Operations\" rel=\"nofollow\" href=\"https://poppopret.org/2024/06/24/google-stop-burning-counterterrorism-operations/\"\u003eGoogle: Stop Burning Counterterrorism Operations\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Dave Aitel on Twitter\" rel=\"nofollow\" href=\"https://x.com/daveaitel\"\u003eFollow Dave Aitel on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"J. A. Guerrero-Saade on Twitter\" rel=\"nofollow\" href=\"https://x.com/juanandres_gs\"\u003eJ. A. Guerrero-Saade on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Costin Raiu on Twitter\" rel=\"nofollow\" href=\"https://x.com/craiu\"\u003eCostin Raiu on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Ryan Naraine (@ryanaraine) on Twitter\" rel=\"nofollow\" href=\"https://x.com/ryanaraine\"\u003eFollow Ryan Naraine (@ryanaraine) on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon - Security Research in Real Time\" rel=\"nofollow\" href=\"https://www.labscon.io/\"\u003eLABScon - Security Research in Real Time\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The 'Three Buddy Problem' Podcast Episode 3: Former NSA computer scientist Dave Aitel (Immunity Inc., Cordyceps Systems) joins Juan Andres Guerrero-Saade for a frank discussion on the OpenSSH unauthenticated remote code execution vulnerability and the challenges around patching and exploitation, the CISA 'secure-by-design' pledge and its impact on software vendor practices, Microsoft lobbying and the CSRB 
report, and changing face of government's attempts at cybersecurity regulations. \r\n\r\nWe discuss the disruption caused by political changes and the potential implications for cybersecurity policies, impact from the Supreme Court Chevron ruling, security regulations and the challenges of writing laws for future technology, the role of CISA and its accomplishments, the debate around offensive cyber operations and the responsibility of companies like Google in addressing vulnerabilities. \r\n\r\nThe need for clear separation between counterterrorism and espionage operations is highlighted, as well as the importance of understanding both defensive and offensive perspectives.\r\n\r\n* Costin Raiu is on vacation.","date_published":"2024-07-05T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/068888b9-32ca-4c20-b8f9-d38c6e24608f.mp3","mime_type":"audio/mpeg","size_in_bytes":58460157,"duration_in_seconds":3869}]},{"id":"4a6fe671-fe7a-4699-ae08-fe99fd11f49f","title":"Ep2: A deep-dive on disrupting and exposing nation-state malware ops","url":"https://securityconversations.fireside.fm/tbp-ep2","content_text":"The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations. 
\n\nA deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocrisy and the tricky relationship between malware researchers and the intelligence community, and the lack of 'success stories' from so-called benevolent malware.\n\nWe also discuss the implications of the TeamViewer breach by a skilled Russian APT, new Microsoft notifications to Midnight Blizzard victims and share thoughts on the Polyfill.io supply chain compromise.Links:Episode transcript (Unedited, AI-generated)Google: Stop Burning Counterterrorism OperationsRussian hackers sanctioned by European CouncilTeamViewer statement on APT29 breachPolyfill supply chain attackRequest a LABScon inviteFollow Costin Raiu on TwitterFollow JAG-S on TwitterFollow Ryan Naraine on Twitter","content_html":"\u003cp\u003e\u003cstrong\u003eThe \u0026#39;Three Buddy Problem\u0026#39; Podcast Episode 2\u003c/strong\u003e: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations. 
\u003c/p\u003e\n\n\u003cp\u003eA deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocrisy and the tricky relationship between malware researchers and the intelligence community, and the lack of \u0026#39;success stories\u0026#39; from so-called benevolent malware.\u003c/p\u003e\n\n\u003cp\u003eWe also discuss the implications of the TeamViewer breach by a skilled Russian APT, new Microsoft notifications to Midnight Blizzard victims and share thoughts on the Polyfill.io supply chain compromise.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Episode transcript (Unedited, AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1uXCCABf3ifD1EsOgqhRKryLcs3jLJYXkRKRAe6Jc9LE/edit#heading=h.us8s7483ojgo\"\u003eEpisode transcript (Unedited, AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google: Stop Burning Counterterrorism Operations\" rel=\"nofollow\" href=\"https://poppopret.org/2024/06/24/google-stop-burning-counterterrorism-operations/\"\u003eGoogle: Stop Burning Counterterrorism Operations\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russian hackers sanctioned by European Council\" rel=\"nofollow\" href=\"https://therecord.media/six-russian-hackers-sanctioned-european-council-eu-ukraine\"\u003eRussian hackers sanctioned by European Council\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"TeamViewer statement on APT29 breach\" rel=\"nofollow\" href=\"https://www.teamviewer.com/en/resources/trust-center/statement/\"\u003eTeamViewer statement on APT29 breach\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Polyfill supply chain attack\" rel=\"nofollow\" href=\"https://sansec.io/research/polyfill-supply-chain-attack\"\u003ePolyfill supply chain attack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Request a LABScon invite\" rel=\"nofollow\" 
href=\"https://www.labscon.io/request-an-invite/\"\u003eRequest a LABScon invite\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Costin Raiu on Twitter\" rel=\"nofollow\" href=\"https://x.com/craiu\"\u003eFollow Costin Raiu on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow JAG-S on Twitter\" rel=\"nofollow\" href=\"https://x.com/juanandres_gs\"\u003eFollow JAG-S on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Ryan Naraine on Twitter\" rel=\"nofollow\" href=\"https://x.com/ryanaraine\"\u003eFollow Ryan Naraine on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations. A deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocrisy and the tricky relationship between malware researchers and the intelligence community, and the lack of 'success stories' from so-called benevolent malware.\r\n\r\nWe also discuss the implications of the TeamViewer breach by a skilled Russian APT, new Microsoft notifications to Midnight Blizzard victims and share thoughts on the Polyfill.io supply chain compromise.","date_published":"2024-06-29T11:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/4a6fe671-fe7a-4699-ae08-fe99fd11f49f.mp3","mime_type":"audio/mpeg","size_in_bytes":60890552,"duration_in_seconds":4122}]},{"id":"d0003b6f-d259-41d1-991b-18d68fc8c009","title":"Ep1: The Microsoft Recall debacle, Brad Smith and the CSRB, Apple Private Cloud Compute","url":"https://securityconversations.fireside.fm/new-show-ep-1","content_text":"Welcome to Episode 1 of a brand new cybersecurity podcast discussing the biggest news stories of the week. 
Ryan Naraine hosts a fast-moving conversation with Juan Andres Guerrero-Saade (LABScon) and Costin Raiu (Art of Noh) on the Microsoft Recall debacle, the dark patterns emerging as big-tech embraces AI, Brad Smith's testimony and the lingering effects of the CSRB report, Apple's new Private Cloud Compute (PCC) infrastructure and Cupertino's long game. Oh, we also talk about the KL ban.Links:Microsoft’s embarrassing RecallBrad Smith CSRB testimonyInside Apple Private Cloud ComputeLABScon - Security Research in Real TimeFollow Costin Raiu (@craiu) / XFollow JAG-S (@juanandres_gs) / XFollow Ryan Naraine (@ryanaraine) / X","content_html":"\u003cp\u003eWelcome to Episode 1 of a brand new cybersecurity podcast discussing the biggest news stories of the week. Ryan Naraine hosts a fast-moving conversation with Juan Andres Guerrero-Saade (LABScon) and Costin Raiu (Art of Noh) on the Microsoft Recall debacle, the dark patterns emerging as big-tech embraces AI, Brad Smith\u0026#39;s testimony and the lingering effects of the CSRB report, Apple\u0026#39;s new Private Cloud Compute (PCC) infrastructure and Cupertino\u0026#39;s long game. 
Oh, we also talk about the KL ban.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Microsoft’s embarrassing Recall\" rel=\"nofollow\" href=\"https://www.theverge.com/2024/6/20/24182350/microsoft-windows-recall-launch-on-arm\"\u003eMicrosoft’s embarrassing Recall\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Brad Smith CSRB testimony\" rel=\"nofollow\" href=\"https://homeland.house.gov/wp-content/uploads/2024/06/2024-06-13-HRG-Testimony-Smith.pdf\"\u003eBrad Smith CSRB testimony\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Inside Apple Private Cloud Compute\" rel=\"nofollow\" href=\"https://security.apple.com/blog/private-cloud-compute/\"\u003eInside Apple Private Cloud Compute\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon - Security Research in Real Time\" rel=\"nofollow\" href=\"https://www.labscon.io/\"\u003eLABScon - Security Research in Real Time\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Costin Raiu (@craiu) / X\" rel=\"nofollow\" href=\"https://x.com/craiu\"\u003eFollow Costin Raiu (@craiu) / X\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow JAG-S (@juanandres_gs) / X\" rel=\"nofollow\" href=\"https://x.com/juanandres_gs\"\u003eFollow JAG-S (@juanandres_gs) / X\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Ryan Naraine (@ryanaraine) / X\" rel=\"nofollow\" href=\"https://x.com/ryanaraine\"\u003eFollow Ryan Naraine (@ryanaraine) / X\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Welcome to Episode 1 of a brand new cybersecurity podcast discussing the biggest news stories of the week. 
Ryan Naraine hosts a fast-moving conversation with Juan Andres Guerrero-Saade (LABScon) and Costin Raiu (Art of Noh) on the Microsoft Recall debacle, the dark patterns emerging as big-tech embraces AI, Brad Smith's testimony and the lingering effects of the CSRB report, Apple's new Private Cloud Compute (PCC) infrastructure and Cupertino's long game. Oh, we also discuss the KL ban.","date_published":"2024-06-22T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/d0003b6f-d259-41d1-991b-18d68fc8c009.mp3","mime_type":"audio/mpeg","size_in_bytes":40341037,"duration_in_seconds":2815}]},{"id":"8151cb78-e91b-4526-95cc-6ea1dd6ddec5","title":"Cris Neckar on the early days of securing Chrome, chasing browser exploits","url":"https://securityconversations.fireside.fm/cris-neckar-chrome-security-stories","content_text":"Episode sponsors:\n\n\nBinarly, the supply chain security experts (https://binarly.io)\nXZ.fail backdoor detector (https://xz.fail)\n\n\nCris Neckar is a veteran security researcher now working as a partner at Two Bear Capital. In this episode, he reminisces on the early days of hacking at Neohapsis, his time on the Google Chrome security team, shenanigans at Pwn2Own/Pwnium, and the cat-and-mouse battle for browser exploit chains. 
We also discuss the zero-day exploit marketplace, the hype and promise of AI, and his mission to help highly technical founders bring products to market.Links:Unedited transcript (AI-generated)Cris Neckar on LinkedInCris Neckar Bio (Two Bear Capital)Teenager hacks Google Chrome with three 0daysResearch on Trident zero-day flawsCris Neckar podcast transcript (Unedited)","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly, the supply chain security experts (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eXZ.fail backdoor detector (\u003ca href=\"https://xz.fail\" rel=\"nofollow\"\u003ehttps://xz.fail\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eCris Neckar is a veteran security researcher now working as a partner at Two Bear Capital. In this episode, he reminisces on the early days of hacking at Neohapsis, his time on the Google Chrome security team, shenanigans at Pwn2Own/Pwnium, and the cat-and-mouse battle for browser exploit chains. 
We also discuss the zero-day exploit marketplace, the hype and promise of AI, and his mission to help highly technical founders bring products to market.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Unedited transcript (AI-generated)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1Xhf2pVxE4Trb9TVbK2VEBP6zDDe25MAbPdiAeh501h0/edit#heading=h.ulpyi4qqiq06\"\u003eUnedited transcript (AI-generated)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cris Neckar on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/crisneckar/\"\u003eCris Neckar on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cris Neckar Bio (Two Bear Capital)\" rel=\"nofollow\" href=\"https://www.twobearcapital.com/team/cris-neckar\"\u003eCris Neckar Bio (Two Bear Capital)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Teenager hacks Google Chrome with three 0days\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/teenager-hacks-google-chrome-with-three-0day-vulnerabilities/\"\u003eTeenager hacks Google Chrome with three 0days\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Research on Trident zero-day flaws\" rel=\"nofollow\" href=\"https://www.lookout.com/threat-intelligence/article/trident-pegasus-technical-details\"\u003eResearch on Trident zero-day flaws\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cris Neckar podcast transcript (Unedited)\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1Xhf2pVxE4Trb9TVbK2VEBP6zDDe25MAbPdiAeh501h0/edit#heading\"\u003eCris Neckar podcast transcript (Unedited)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the supply chain security experts (https://binarly.io)\r\n- XZ.fail backdoor detector (https://xz.fail)\r\n\r\nCris Neckar is a veteran security researcher now working as a partner at Two Bear Capital. 
In this episode, he reminisces on the early days of hacking at Neohapsis, his time on the Google Chrome security team, shenanigans at Pwn2Own/Pwnium and the cat-and-mouse battle for browser exploit chains. We also discuss the zero-day exploit marketplace, the hype and promise of AI, and his mission to help highly technical founders bring products to market.","date_published":"2024-04-11T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/8151cb78-e91b-4526-95cc-6ea1dd6ddec5.mp3","mime_type":"audio/mpeg","size_in_bytes":52672988,"duration_in_seconds":3276}]},{"id":"f664c77a-dbbc-41a0-b392-7b4cd7223523","title":"Costin Raiu joins the XZ Utils backdoor investigation","url":"https://securityconversations.fireside.fm/costin-raiu-xz-backdoor","content_text":"Episode sponsors:\n\n\nBinarly, the supply chain security experts (https://binarly.io)\nXZ.fail backdoor detector (https://xz.fail)\n\n\nMalware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. 
We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, and the reasons why 'Jia Tan' is the handiwork of a cunning nation-state.\n\nBased on all the clues available, Costin pinpoints three main suspects -- North Korea's Lazarus, China's APT41 or Russia's APT29 -- and warns that there are more of these backdoors lurking in modern software supply chains.Links:Binarly XZ backdoor detectorXZ Utils Backdoor FAQ (by Dan Goodin)CISA advisory on backdoorThe JiaT75 (Jia Tan) timelineUnedited transcript","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly, the supply chain security experts (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eXZ.fail backdoor detector (\u003ca href=\"https://xz.fail\" rel=\"nofollow\"\u003ehttps://xz.fail\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eMalware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. 
We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, and the reasons why \u0026#39;Jia Tan\u0026#39; is the handiwork of a cunning nation-state.\u003c/p\u003e\n\n\u003cp\u003eBased on all the clues available, Costin pinpoints three main suspects -- North Korea\u0026#39;s Lazarus, China\u0026#39;s APT41 or Russia\u0026#39;s APT29 -- and warns that there are more of these backdoors lurking in modern software supply chains.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Binarly XZ backdoor detector\" rel=\"nofollow\" href=\"https://xz.fail/\"\u003eBinarly XZ backdoor detector\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"XZ Utils Backdoor FAQ (by Dan Goodin)\" rel=\"nofollow\" href=\"https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/\"\u003eXZ Utils Backdoor FAQ (by Dan Goodin)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CISA advisory on backdoor\" rel=\"nofollow\" href=\"https://www.cisa.gov/news-events/alerts/2024/03/29/reported-supply-chain-compromise-affecting-xz-utils-data-compression-library-cve-2024-3094\"\u003eCISA advisory on backdoor\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The JiaT75 (Jia Tan) timeline\" rel=\"nofollow\" href=\"https://boehs.org/node/everything-i-know-about-the-xz-backdoor\"\u003eThe JiaT75 (Jia Tan) timeline\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Unedited transcript\" rel=\"nofollow\" href=\"https://docs.google.com/document/d/1S2Fs3TJyA1SHfKOHXvZr9oFdWzG7HYCd9oa17sm02zM/edit\"\u003eUnedited transcript\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the supply chain security experts (https://binarly.io)\r\n- XZ.fail backdoor detector (https://xz.fail)\r\n\r\nMalware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. 
We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, and the reasons why 'Jia Tan' is the handiwork of a cunning nation-state.\r\n\r\nBased on all the clues available, Costin pinpoints three main suspects -- North Korea's Lazarus, China's APT41 or Russia's APT29 -- and warns that there are more of these backdoors lurking in modern software supply chains.","date_published":"2024-04-05T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/f664c77a-dbbc-41a0-b392-7b4cd7223523.mp3","mime_type":"audio/mpeg","size_in_bytes":47530772,"duration_in_seconds":3093}]},{"id":"99cde65c-13eb-4fb7-9d52-86d2fc8c4aec","title":"Katie Moussouris on building a different cybersecurity businesses","url":"https://securityconversations.fireside.fm/katie-moussouris-workforce-csrb","content_text":"Episode sponsors:\n\n\nBinarly, the supply chain security experts (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nKatie Moussouris founded Luta Security in 2016 and bootstrapped it into a profitable business with a culture of equity and healthy boundaries. She is a pioneer in the world of bug bounties and vulnerability disclosure and serves in multiple advisory roles for the U.S. 
government, including the new CISA Cyber Safety Review Board (CSRB).\n\nIn this episode, Moussouris discusses Luta Security's new Workforce Platform profit-sharing initiative, the changing face of the job market, criticisms of the CSRB's lack of enforcement authority, and looming regulations around zero-day vulnerability data.Links:Luta Security Workforce PlatformKatie Moussouris on WikipediaMoussouris: Resist Urge to Match China Vuln Reporting MandateKatie Moussouris on LinkedInCyber Safety Review Board","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly, the supply chain security experts (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eKatie Moussouris founded Luta Security in 2016 and bootstrapped it into a profitable business with a culture of equity and healthy boundaries. She is a pioneer in the world of bug bounties and vulnerability disclosure and serves in multiple advisory roles for the U.S. 
government, including the new CISA Cyber Safety Review Board (CSRB).\u003c/p\u003e\n\n\u003cp\u003eIn this episode, Moussouris discusses Luta Security\u0026#39;s new Workforce Platform profit-sharing initiative, the changing face of the job market, criticisms of the CSRB\u0026#39;s lack of enforcement authority, and looming regulations around zero-day vulnerability data.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Luta Security Workforce Platform\" rel=\"nofollow\" href=\"https://www.lutasecurity.com/alpha-platform\"\u003eLuta Security Workforce Platform\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Katie Moussouris on Wikipedia\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Katie_Moussouris\"\u003eKatie Moussouris on Wikipedia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Moussouris: Resist Urge to Match China Vuln Reporting Mandate\" rel=\"nofollow\" href=\"https://www.securityweek.com/moussouris-us-should-resist-urge-match-china-vuln-reporting-mandate/\"\u003eMoussouris: Resist Urge to Match China Vuln Reporting Mandate\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Katie Moussouris on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/kmoussouris/\"\u003eKatie Moussouris on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cyber Safety Review Board\" rel=\"nofollow\" href=\"https://www.cisa.gov/cyber-safety-review-board-csrb-members\"\u003eCyber Safety Review Board\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the supply chain security experts (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nKatie Moussouris founded Luta Security in 2016 and bootstrapped it into a profitable business with a culture of equity and healthy boundaries, proving that businesses can be profitable by putting people first. 
She is a pioneer in the world of bug bounties and vulnerability disclosure and serves in multiple advisory roles for the U.S. government, including the new CISA Cyber Safety Review Board (CSRB).\r\n\r\nOn this episode, Moussouris discusses Luta Security's new Workforce Platform profit-sharing initiative, the changing face of the job market, criticisms of the CSRB's lack of enforcement authority, and looming regulations around zero-day vulnerability data.","date_published":"2024-01-19T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/99cde65c-13eb-4fb7-9d52-86d2fc8c4aec.mp3","mime_type":"audio/mpeg","size_in_bytes":25154544,"duration_in_seconds":1790}]},{"id":"b70d7b98-2823-490b-8b70-f3a051c45709","title":"Costin Raiu: The GReAT exit interview","url":"https://securityconversations.fireside.fm/costin-raiu-great-exit-interview","content_text":"Episode sponsors:\n\n\nBinarly, the supply chain security experts (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nCostin Raiu has spent a lifetime in anti-malware research, working on some of the biggest nation-state APT cases in history, including Stuxnet, Duqu, Equation Group, Red October, Turla and Lazarus. 
\n\nIn this exit interview, Costin digs into why he left the GReAT team after 13 years at the helm, ethical questions on exposing certain APT operations, changes in the nation-state malware attribution game, technically impressive APT attacks, and the 'dark spots' where future-thinking APTs are living.Links:Costin Raiu on TwitterHow to Protect Your Phone from Pegasus and Other APTsCostin Raiu: 10 big 'unattributed' APT mysteriesCostin Raiu on the .gov mobile exploitation businessWannaCry Ransomware Linked to North Korean Hackers","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly, the supply chain security experts (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eCostin Raiu has spent a lifetime in anti-malware research, working on some of the biggest nation-state APT cases in history, including Stuxnet, Duqu, Equation Group, Red October, Turla and Lazarus. 
\u003c/p\u003e\n\n\u003cp\u003eIn this exit interview, Costin digs into why he left the GReAT team after 13 years at the helm, ethical questions on exposing certain APT operations, changes in the nation-state malware attribution game, technically impressive APT attacks, and the \u0026#39;dark spots\u0026#39; where future-thinking APTs are living.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Costin Raiu on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/craiu\"\u003eCostin Raiu on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How to Protect Your Phone from Pegasus and Other APTs\" rel=\"nofollow\" href=\"https://www.darkreading.com/cyber-risk/how-to-protect-your-phone-from-pegasus-and-other-apts\"\u003eHow to Protect Your Phone from Pegasus and Other APTs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Costin Raiu: 10 big \u0026#39;unattributed\u0026#39; APT mysteries\" rel=\"nofollow\" href=\"https://twitter.com/craiu/status/1573272440704319488\"\u003eCostin Raiu: 10 big \u0026#39;unattributed\u0026#39; APT mysteries\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Costin Raiu on the .gov mobile exploitation business\" rel=\"nofollow\" href=\"https://securityconversations.com/episode/costin-raiu-on-the-gov-mobile-exploitation-business/\"\u003eCostin Raiu on the .gov mobile exploitation business\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"WannaCry Ransomware Linked to North Korean Hackers\" rel=\"nofollow\" href=\"https://www.wired.com/2017/05/wannacry-ransomware-link-suspected-north-korean-hackers/\"\u003eWannaCry Ransomware Linked to North Korean Hackers\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the supply chain security experts (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nCostin Raiu has spent a lifetime in anti-malware research, working on some of the biggest nation-state APT cases in history, 
including Stuxnet, Duqu, Equation Group, Red October, Turla and Lazarus. \r\n\r\nIn this exit interview, Costin digs into why he left the GReAT team after 13 years at the helm, ethical questions on exposing certain APT operations, changes in the nation-state malware attribution game, technically impressive APT attacks, and the 'dark spots' where future-thinking APTs are living.","date_published":"2024-01-15T11:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/b70d7b98-2823-490b-8b70-f3a051c45709.mp3","mime_type":"audio/mpeg","size_in_bytes":90090088,"duration_in_seconds":5533}]},{"id":"73110ffd-bb15-40c4-924d-5bf7b89ed152","title":"Danny Adamitis on an 'unkillable' router botnet used by Chinese .gov hackers","url":"https://securityconversations.fireside.fm/danny-adamitis-volt-typhoon-botnet","content_text":"Episode sponsors:\n\n\nBinarly, the supply chain security experts (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nDanny Adamitis is a principal information security engineer at Black Lotus Labs, the threat research division within Lumen Technologies. 
On this episode of the show, we discuss his team's recent discovery of an impossible-to-kill botnet packed with end-of-life SOHO routers serving as a covert data transfer network for Volt Typhoon, a Chinese government-backed hacking group previously caught targeting US critical infrastructure.\n\nDanny digs into the inner workings of the botnet, the global problem of end-of-life devices becoming useful tools for malicious actors, and the things network defenders can do today to mitigate threats at this layer.Links:Danny Adamitis on TwitterChinese APT Volt Typhoon Linked to Unkillable SOHO Router BotnetMicrosoft Catches Chinese .Gov Hackers Targeting US Critical InfrastructureThe KV-botnet InvestigationZuoRAT Hijacks SOHO Routers to Silently Stalk NetworksDaniel Adamitis on LinkedIn","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly, the supply chain security experts (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eDanny Adamitis is a principal information security engineer at Black Lotus Labs, the threat research division within Lumen Technologies. 
On this episode of the show, we discuss his team\u0026#39;s recent discovery of an impossible-to-kill botnet packed with end-of-life SOHO routers serving as a covert data transfer network for Volt Typhoon, a Chinese government-backed hacking group previously caught targeting US critical infrastructure.\u003c/p\u003e\n\n\u003cp\u003eDanny digs into the inner workings of the botnet, the global problem of end-of-life devices becoming useful tools for malicious actors, and the things network defenders can do today to mitigate threats at this layer.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Danny Adamitis on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/dadamitis?lang=en\"\u003eDanny Adamitis on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet\" rel=\"nofollow\" href=\"https://www.securityweek.com/chinese-apt-volt-typhoon-linked-to-unkillable-soho-router-botnet/\"\u003eChinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Catches Chinese .Gov Hackers Targeting US Critical Infrastructure\" rel=\"nofollow\" href=\"https://www.securityweek.com/microsoft-catches-chinese-gov-hackers-in-guam-critical-infrastructure-orgs/\"\u003eMicrosoft Catches Chinese .Gov Hackers Targeting US Critical Infrastructure\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The KV-botnet Investigation\" rel=\"nofollow\" href=\"https://blog.lumen.com/routers-roasting-on-an-open-firewall-the-kv-botnet-investigation/\"\u003eThe KV-botnet Investigation\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks\" rel=\"nofollow\" href=\"https://blog.lumen.com/zuorat-hijacks-soho-routers-to-silently-stalk-networks/\"\u003eZuoRAT Hijacks SOHO Routers to Silently Stalk Networks\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca 
title=\"Daniel Adamitis on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/daniel-a-44198047/\"\u003eDaniel Adamitis on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the supply chain security experts (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nDanny Adamitis is a principal information security engineer at Black Lotus Labs, the threat research division within Lumen Technologies. On this episode of the show, we discuss his team's recent discovery of an impossible-to-kill botnet packed with end-of-life SOHO routers serving as a covert data transfer network for Volt Typhoon, a Chinese government-backed hacking group previously caught targeting US critical infrastructure.\r\n\r\nDanny digs into the inner workings of the botnet, the global problem of end-of-life devices becoming useful tools for malicious actors, and the things network defenders can do today to mitigate threats at this layer.","date_published":"2024-01-05T09:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/73110ffd-bb15-40c4-924d-5bf7b89ed152.mp3","mime_type":"audio/mpeg","size_in_bytes":34693170,"duration_in_seconds":2047}]},{"id":"28dec282-d91f-4cce-9500-6459abf30cdf","title":"Allison Miller talks about CISO life, protecting identities at scale","url":"https://securityconversations.fireside.fm/allison-miller-cartomancy-labs","content_text":"Episode sponsors:\n\n\nBinarly, the supply chain security experts (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nAllison Miller is founder and CEO of Cartomancy Labs and former CISO and VP of Trust at Reddit. She has spent the past 20 years scaling teams and technology at Bank of America, Google, Electronic Arts, PayPal/eBay, and Visa International. 
\n\nIn this conversation, we discuss the convergence of security with fraud prevention and anti-abuse, the challenges and complexities in IAM implementations, the post-pandemic labor market, the evolving role of CISOs and new realities around CISO exposure to personal liability, thoughts on the 'build vs buy' debate and the nuance and dilemma of paying ransomware demands.Links:Allison Miller on LinkedInCartomancy LabsSecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISONew SEC rule on breach disclosure (PDF)Follow Allison Miller on TwitterSponsor: Binarly Supply Chain Security Platform","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly, the supply chain security experts (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eAllison Miller is founder and CEO of Cartomancy Labs and former CISO and VP of Trust at Reddit. She has spent the past 20 years scaling teams and technology at Bank of America, Google, Electronic Arts, PayPal/eBay, and Visa International. 
\u003c/p\u003e\n\n\u003cp\u003eIn this conversation, we discuss the convergence of security with fraud prevention and anti-abuse, the challenges and complexities in IAM implementations, the post-pandemic labor market, the evolving role of CISOs and new realities around CISO exposure to personal liability, thoughts on the \u0026#39;build vs buy\u0026#39; debate and the nuance and dilemma of paying ransomware demands.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Allison Miller on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/allisonmiller/\"\u003eAllison Miller on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cartomancy Labs\" rel=\"nofollow\" href=\"https://www.linkedin.com/company/cartomancy-labs/\"\u003eCartomancy Labs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Security Leaders Spooked by SEC Lawsuit Against SolarWinds CISO\" rel=\"nofollow\" href=\"https://www.securityweek.com/cisos-spooked-by-sec-lawsuit-against-solarwinds-ciso/\"\u003eSecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"New SEC rule on breach disclosure (PDF)\" rel=\"nofollow\" href=\"https://www.sec.gov/files/rules/final/2023/33-11216.pdf\"\u003eNew SEC rule on breach disclosure (PDF)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Allison Miller on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/selenakyle\"\u003eFollow Allison Miller on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sponsor: Binarly Supply Chain Security Platform\" rel=\"nofollow\" href=\"https://binarly.io/capabilities/index.html\"\u003eSponsor: Binarly Supply Chain Security Platform\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the supply chain security experts (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nAllison Miller is founder and CEO of Cartomancy 
Labs and former CISO and VP of Trust at Reddit. She has spent the past 20 years scaling teams and technology at Bank of America, Google, Electronic Arts, PayPal/eBay, and Visa International. \r\n\r\nIn this conversation, we discuss the convergence of security with fraud prevention and anti-abuse, the challenges and complexities in IAM implementations, the post-pandemic labor market, the evolving role of CISOs and new realities around CISO exposure to personal liability, thoughts on the 'build vs buy' debate and the nuance and dilemma of paying ransomware demands. ","date_published":"2023-12-21T11:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/28dec282-d91f-4cce-9500-6459abf30cdf.mp3","mime_type":"audio/mpeg","size_in_bytes":30309172,"duration_in_seconds":2292}]},{"id":"5d290c85-90a8-4e41-8e9b-f8c953259be4","title":"Rob Ragan on the excitement of AI solving security problems","url":"https://securityconversations.fireside.fm/rob-ragan-artificial-intelligence-future-of-security","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nRob Ragan, principal architect and security strategist at Bishop Fox, joins the show to share insights on scaling pen testing, the emergence of bug bounty programs, the value of attack surface management, and the role of AI in cybersecurity. We dig into the importance of proactive defense, the challenges of consolidating security tools, and the potential of AI in augmenting human intelligence. The conversation explores the potential of AI models and their impact on various aspects of technology and society and digs into the importance of improving model interaction by allowing more thoughtful and refined responses. \n\nWe also discuss how AI can be a superpower, enabling rapid prototyping and idea generation. 
The discussion concludes with considerations for safeguarding AI models, including transparency, explainability, and potential regulations.\n\nTakeaways:\n\n\nScaling pen testing can be challenging, and maintaining quality becomes difficult as the team grows. Bug bounty programs have been a net positive for businesses, providing valuable insights and incentivizing innovative research.\nAttack surface management plays a crucial role in identifying vulnerabilities and continuously monitoring an organization's security posture.\nSocial engineering attacks, such as SIM swapping and phishing, require a multi-faceted defense strategy that includes technical controls, policies, and user education.\nAI has the potential to augment human intelligence and improve efficiency and effectiveness in cybersecurity. Improving model interaction by allowing more thoughtful and refined responses can enhance the user experience. Algorithms can be used to delegate tasks and improve performance, leading to better results in complex tasks.\nAI is an inflection point in technology, comparable to the internet and the industrial revolution. It can be game-changing to automate time-consuming tasks, freeing up human resources for more strategic work.\nAutocomplete and code generation tools like Copilot can significantly speed up coding and reduce errors. AI can be a superpower, enabling rapid prototyping, idea generation, and creative tasks.\nSafeguarding AI models requires transparency, explainability, and consideration of potential biases. Regulations may be necessary to ensure responsible use of AI, but they should not stifle innovation. Global adoption of AI should be encouraged to prevent technological disparities between countries. 
\nLinks:Rob Ragan's Theoradical.aiTesting LLM Algorithms While AI Tests UsLLM Testing Findings Templates — This collection of open-source templates is designed to facilitate the reporting and documentation of vulnerabilities and opportunities for usability improvement in LLM integrations and applications.Rob Ragan on TwitterRob Ragan on LinkedInBishop Fox Labs","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eRob Ragan, principal architect and security strategist at Bishop Fox, joins the show to share insights on scaling pen testing, the emergence of bug bounty programs, the value of attack surface management, and the role of AI in cybersecurity. We dig into the importance of proactive defense, the challenges of consolidating security tools, and the potential of AI in augmenting human intelligence. The conversation explores the potential of AI models and their impact on various aspects of technology and society and digs into the importance of improving model interaction by allowing more thoughtful and refined responses. \u003c/p\u003e\n\n\u003cp\u003eWe also discuss how AI can be a superpower, enabling rapid prototyping and idea generation. The discussion concludes with considerations for safeguarding AI models, including transparency, explainability, and potential regulations.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eTakeaways:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eScaling pen testing can be challenging, and maintaining quality becomes difficult as the team grows. 
Bug bounty programs have been a net positive for businesses, providing valuable insights and incentivizing innovative research.\u003c/li\u003e\n\u003cli\u003eAttack surface management plays a crucial role in identifying vulnerabilities and continuously monitoring an organization\u0026#39;s security posture.\u003c/li\u003e\n\u003cli\u003eSocial engineering attacks, such as SIM swapping and phishing, require a multi-faceted defense strategy that includes technical controls, policies, and user education.\u003c/li\u003e\n\u003cli\u003eAI has the potential to augment human intelligence and improve efficiency and effectiveness in cybersecurity. Improving model interaction by allowing more thoughtful and refined responses can enhance the user experience. Algorithms can be used to delegate tasks and improve performance, leading to better results in complex tasks.\u003c/li\u003e\n\u003cli\u003eAI is an inflection point in technology, comparable to the internet and the industrial revolution. It can be game-changing to automate time-consuming tasks, freeing up human resources for more strategic work.\u003c/li\u003e\n\u003cli\u003eAutocomplete and code generation tools like Copilot can significantly speed up coding and reduce errors. AI can be a superpower, enabling rapid prototyping, idea generation, and creative tasks.\u003c/li\u003e\n\u003cli\u003eSafeguarding AI models requires transparency, explainability, and consideration of potential biases. Regulations may be necessary to ensure responsible use of AI, but they should not stifle innovation. Global adoption of AI should be encouraged to prevent technological disparities between countries. 
\u003c/li\u003e\n\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Rob Ragan\u0026#39;s Theoradical.ai\" rel=\"nofollow\" href=\"https://theoradical.ai/\"\u003eRob Ragan\u0026#39;s Theoradical.ai\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Testing LLM Algorithms While AI Tests Us\" rel=\"nofollow\" href=\"https://slides.com/robragan/testing-llms\"\u003eTesting LLM Algorithms While AI Tests Us\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LLM Testing Findings Templates\" rel=\"nofollow\" href=\"https://github.com/BishopFox/llm-testing-findings/blob/main/README.md\"\u003eLLM Testing Findings Templates\u003c/a\u003e \u0026mdash; This collection of open-source templates is designed to facilitate the reporting and documentation of vulnerabilities and opportunities for usability improvement in LLM integrations and applications.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Rob Ragan on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/sweepthatleg\"\u003eRob Ragan on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Rob Ragan on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/robragan/\"\u003eRob Ragan on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bishop Fox Labs\" rel=\"nofollow\" href=\"https://bishopfox.com/labs\"\u003eBishop Fox Labs\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the firmware security experts (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nRob Ragan, principal architect and security strategist at Bishop Fox, joins the show to share insights on scaling pen testing, the emergence of bug bounty programs, the value of attack surface management, and the role of AI in cybersecurity. 
We dig into the importance of proactive defense, the challenges of consolidating security tools, and the potential of AI in augmenting human intelligence. The conversation explores the leapfrog potential of AI models and their impact on various aspects of technology and society.","date_published":"2023-12-07T07:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/5d290c85-90a8-4e41-8e9b-f8c953259be4.mp3","mime_type":"audio/mpeg","size_in_bytes":41368098,"duration_in_seconds":3076}]},{"id":"1f02640b-edf7-4549-8012-6764dcca018d","title":"Seth Spergel on venture capital bets in cybersecurity","url":"https://securityconversations.fireside.fm/seth-spergel-merlin-ventures","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nSeth Spergel is managing partner at Merlin Ventures, where he is responsible for identifying cutting-edge companies for Merlin to partner with and invest in. In this episode, Seth talks about helping startups target US federal markets, the current state of deal sizes and valuations, and the red-hot sectors in cybersecurity ripe for venture investment.Links:Seth Spergel bio — Seth has more than 20 years of experience building, selling, and investing in software and startups. Prior to Merlin Ventures, Seth was VP for Infrastructure Technologies at In-Q-Tel, a strategic investment firm that invests in startups that meet the mission needs of government customers. 
Merlin Ventures portfolioPalo Alto buys Talon, Dig Security — Technology powerhouse Palo Alto Networks is officially on a billion-dollar shopping spree in the cloud data security space.Episode Sponsor: Binarly — The Binarly REsearch team leads the industry in firmware vulnerability disclosure and advisories","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eSeth Spergel is managing partner at Merlin Ventures, where he is responsible for identifying cutting-edge companies for Merlin to partner with and invest in. In this episode, Seth talks about helping startups target US federal markets, the current state of deal sizes and valuations, and the red-hot sectors in cybersecurity ripe for venture investment.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Seth Spergel bio\" rel=\"nofollow\" href=\"https://merlin.vc/team/seth-spergel/\"\u003eSeth Spergel bio\u003c/a\u003e \u0026mdash; Seth has more than 20 years of experience building, selling, and investing in software and startups. Prior to Merlin Ventures, Seth was VP for Infrastructure Technologies at In-Q-Tel, a strategic investment firm that invests in startups that meet the mission needs of government customers. 
\u003c/li\u003e\u003cli\u003e\u003ca title=\"Merlin Ventures portfolio\" rel=\"nofollow\" href=\"https://merlin.vc/portfolio/\"\u003eMerlin Ventures portfolio\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Palo Alto buys Talon, Dig Security\" rel=\"nofollow\" href=\"https://www.securityweek.com/palo-alto-to-acquire-talon-intensifying-competition-in-cloud-data-security/\"\u003ePalo Alto buys Talon, Dig Security\u003c/a\u003e \u0026mdash; Technology powerhouse Palo Alto Networks is officially on a billion-dollar shopping spree in the cloud data security space.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Episode Sponsor: Binarly\" rel=\"nofollow\" href=\"https://binarly.io/capabilities/index.html\"\u003eEpisode Sponsor: Binarly\u003c/a\u003e \u0026mdash; The Binarly REsearch team leads the industry in firmware vulnerability disclosure and advisories\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the firmware security experts (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nSeth Spergel is managing partner at Merlin Ventures, where he is responsible for identifying cutting-edge companies for Merlin to partner with and invest in. 
In this episode, Seth talks about helping startups target US federal markets, the current state of deal sizes and valuations, and the red-hot sectors in cybersecurity ripe for venture investment.","date_published":"2023-11-21T10:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1f02640b-edf7-4549-8012-6764dcca018d.mp3","mime_type":"audio/mpeg","size_in_bytes":17151625,"duration_in_seconds":1736}]},{"id":"aa617e3f-5689-4e88-a3ea-69bf50679c6e","title":"Dan Lorenc on fixing the 'crappy' CVE ecosystem ","url":"https://securityconversations.fireside.fm/dan-lorenc-deciphers-cve-cvss-sbom-supply-chains","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nDan Lorenc is CEO and co-founder of Chainguard, a company that raised $116 million in less than two years to tackle open source supply chain security problems. In this episode, Dan joins Ryan to chat about the demands of building a \"growth mode\" startup, massive funding rounds and VC expectations, fixing the \"crappy\" CVE and CVSS ecosystems, managing expectations around SBOMs, and how politicians and lobbyists are framing cybersecurity issues in strange ways.Links:SBOMs - All the right ingredients, but something is still missingOpen Source Development Threatened in EuropeChainguard Images: Reduce your attack surfaceDan Lorenc on LinkedInDan Lorenc on Twitter/XChainguard Raises $61 Million Series BBinarly -- Firmware Supply Chain Security Platform — Binarly is the world's first automated firmware supply chain security platform. 
Using cutting-edge techniques, Binarly identifies both known and unknown vulnerabilities, misconfigurations, and malicious code in firmware and hardware components.","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eDan Lorenc is CEO and co-founder of Chainguard, a company that raised $116 million in less than two years to tackle open source supply chain security problems. In this episode, Dan joins Ryan to chat about the demands of building a \u0026quot;growth mode\u0026quot; startup, massive funding rounds and VC expectations, fixing the \u0026quot;crappy\u0026quot; CVE and CVSS ecosystems, managing expectations around SBOMs, and how politicians and lobbyists are framing cybersecurity issues in strange ways.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"SBOMs - All the right ingredients, but something is still missing\" rel=\"nofollow\" href=\"https://p72.vc/perspectives/software-bills-of-material-sboms/\"\u003eSBOMs - All the right ingredients, but something is still missing\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Open Source Development Threatened in Europe\" rel=\"nofollow\" href=\"https://thenewstack.io/open-source-development-threatened-in-europe/\"\u003eOpen Source Development Threatened in Europe\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chainguard Images: Reduce your attack surface\" rel=\"nofollow\" href=\"https://www.chainguard.dev/chainguard-images\"\u003eChainguard Images: Reduce your attack surface\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dan Lorenc on LinkedIn\" rel=\"nofollow\" 
href=\"https://www.linkedin.com/in/danlorenc/\"\u003eDan Lorenc on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dan Lorenc on Twitter/X\" rel=\"nofollow\" href=\"https://twitter.com/lorenc_dan\"\u003eDan Lorenc on Twitter/X\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chainguard Raises $61 Million Series B\" rel=\"nofollow\" href=\"https://www.chainguard.dev/unchained/series-b-funding\"\u003eChainguard Raises $61 Million Series B\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Binarly -- Firmware Supply Chain Security Platform\" rel=\"nofollow\" href=\"https://binarly.io/\"\u003eBinarly -- Firmware Supply Chain Security Platform\u003c/a\u003e \u0026mdash; Binarly is the world's first automated firmware supply chain security platform. Using cutting-edge techniques, Binarly identifies both known and unknown vulnerabilities, misconfigurations, and malicious code in firmware and hardware components.\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly, the firmware security experts (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nDan Lorenc is CEO and co-founder of Chainguard, a company that raised $116 million in less than two years to tackle open source supply chain security problems. 
In this episode, Dan joins Ryan to chat about the demands of building a \"growth mode\" startup, massive funding rounds and VC expectations, fixing the \"crappy\" CVE and CVSS ecosystems, managing expectations around SBOMs, and how politicians and lobbyists are framing cybersecurity issues in strange ways.","date_published":"2023-11-14T06:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/aa617e3f-5689-4e88-a3ea-69bf50679c6e.mp3","mime_type":"audio/mpeg","size_in_bytes":40642471,"duration_in_seconds":2505}]},{"id":"d35fcfc2-f5e9-4b06-bbda-9a59ed8fafed","title":"Cisco Talos researcher Nick Biasini on chasing APTs, mercenary hackers","url":"https://securityconversations.fireside.fm/nick-biasini-cisco-talos","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nNick Biasini has been working in information security for nearly two decades. In his current role as head of outreach for Cisco Talos Intelligence Group, he leads a team of threat researchers tasked with tracking nation-state APTs, mercenary hacker groups and ransomware cybercriminals. 
In this episode, Biasini talks about the cryptic world of threat actor attribution, the rise of PSOAs (private sector offensive actors) and why network edge devices are a happy hunting ground for attackers.Links:Nick Biasini on TwitterCisco Talos Library of ReportsNick Biasini on LinkedInBeyond the Veil of Surveillance: Private Sector Offensive Actors (PSOAs)US Gov Mercenary Spyware Clampdown Hits Cytrox, Intellexa","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eNick Biasini has been working in information security for nearly two decades. In his current role as head of outreach for Cisco Talos Intelligence Group, he leads a team of threat researchers tasked with tracking nation-state APTs, mercenary hacker groups and ransomware cybercriminals. 
In this episode, Biasini talks about the cryptic world of threat actor attribution, the rise of PSOAs (private sector offensive actors) and why network edge devices are a happy hunting ground for attackers.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Nick Biasini on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/infosec_nick\"\u003eNick Biasini on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cisco Talos Library of Reports\" rel=\"nofollow\" href=\"https://talosintelligence.com/resources\"\u003eCisco Talos Library of Reports\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Nick Biasini on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/nick-biasini-00707950/\"\u003eNick Biasini on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Beyond the Veil of Surveillance: Private Sector Offensive Actors (PSOAs)\" rel=\"nofollow\" href=\"https://socradar.io/beyond-the-veil-of-surveillance-private-sector-offensive-actors-psoas/\"\u003eBeyond the Veil of Surveillance: Private Sector Offensive Actors (PSOAs)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"US Gov Mercenary Spyware Clampdown Hits Cytrox, Intellexa\" rel=\"nofollow\" href=\"https://www.securityweek.com/us-gov-mercenary-spyware-clampdown-hits-cytrox-intellexa/\"\u003eUS Gov Mercenary Spyware Clampdown Hits Cytrox, Intellexa\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nNick Biasini has been working in information security for nearly two decades. In his current role as head of outreach for Cisco Talos Intelligence Group, he leads a team of threat researchers tasked with tracking nation-state APTs, mercenary hacker groups and ransomware cybercriminals. 
In this episode, Biasini talks about the cryptic world of threat actor attribution, the rise of PSOAs (private sector offensive actors) and why network edge devices are a happy hunting ground for attackers.","date_published":"2023-11-07T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/d35fcfc2-f5e9-4b06-bbda-9a59ed8fafed.mp3","mime_type":"audio/mpeg","size_in_bytes":30416978,"duration_in_seconds":1887}]},{"id":"5f9634cc-a169-42e1-8e20-a28c5480205f","title":"Allison Nixon on disturbing elements in cybercriminal ecosystem","url":"https://securityconversations.fireside.fm/allison-nixon-unit-221b-cybercrime","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nAllison Nixon is Chief Researcher at Unit 221B and a trailblazer in the world of cybercrime research. In this episode, we deep-dive into the shadowy dynamics of underground criminal communities, high-profile ransomware attacks, teenage hacking groups breaking into big companies, and the challenges of attribution and law enforcement. Allison sheds light on why companies continue to be vulnerable targets and what they're often missing in their cybersecurity strategies.Links:Allison Nixon on TwitterAllison Nixon - Unit 221B bioLas Vegas casino hackers rely on violent threatsCrossing boundaries to facilitate extortion, encryption, and destruction","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eAllison Nixon is Chief Researcher at Unit 221B and a trailblazer in the world of cybercrime research. 
In this episode, we deep-dive into the shadowy dynamics of underground criminal communities, high-profile ransomware attacks, teenage hacking groups breaking into big companies, and the challenges of attribution and law enforcement. Allison sheds light on why companies continue to be vulnerable targets and what they\u0026#39;re often missing in their cybersecurity strategies.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Allison Nixon on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/nixonnixoff\"\u003eAllison Nixon on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Allison Nixon - Unit 221B bio\" rel=\"nofollow\" href=\"https://unit221b.com/our-team\"\u003eAllison Nixon - Unit 221B bio\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Las Vegas casino hackers rely on violent threats\" rel=\"nofollow\" href=\"https://cyberscoop.com/com-scattered-spider-tradecraft/\"\u003eLas Vegas casino hackers rely on violent threats\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Crossing boundaries to facilitate extortion, encryption, and destruction\" rel=\"nofollow\" href=\"https://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/\"\u003eCrossing boundaries to facilitate extortion, encryption, and destruction\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nAllison Nixon is Chief Researcher at Unit 221B and a trailblazer in the world of cybercrime research. In this episode, we deep-dive into the shadowy dynamics of underground criminal communities, high-profile ransomware attacks, teenage hacking groups breaking into big companies, and the challenges of attribution and law enforcement. 
Allison sheds light on why companies continue to be vulnerable targets and what they're often missing in their cybersecurity strategies.","date_published":"2023-11-01T11:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/5f9634cc-a169-42e1-8e20-a28c5480205f.mp3","mime_type":"audio/mpeg","size_in_bytes":42292017,"duration_in_seconds":2919}]},{"id":"11696fa7-d330-4346-b5f1-078d7542cccd","title":"Dakota Cary on China's weaponization of software vulnerabilities","url":"https://securityconversations.fireside.fm/dakota-cary-global-china-hub","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nDakota Cary is a nonresident fellow at the Atlantic Council’s Global China Hub, conducting research on China’s efforts to develop its hacking capabilities, artificial-intelligence and cybersecurity research at Chinese universities, the People’s Liberation Army’s efforts to automate software vulnerability discovery, and new policies to improve China’s cybersecurity-talent pipeline. \n\nIn this episode, Cary expands on a new report -- 'Sleight of Hand' -- that delves into the changing legal landscape for vulnerability disclosure in China, the PRC's weaponization of software vulnerabilities, advanced threat actors in China and that infamous Bloomberg 'rice grain' spy chip story.Links:Sleight of hand: How China weaponizes software vulnerabilitiesDakota Cary on TwitterMoussouris: U.S. 
Should Resist Urge to Match China Vuln Reporting MandateCSRB Log4j incident report (PDF)CISA China Cyber Threat Overview and Advisories","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eDakota Cary is a nonresident fellow at the Atlantic Council’s Global China Hub, conducting research on China’s efforts to develop its hacking capabilities, artificial-intelligence and cybersecurity research at Chinese universities, the People’s Liberation Army’s efforts to automate software vulnerability discovery, and new policies to improve China’s cybersecurity-talent pipeline. \u003c/p\u003e\n\n\u003cp\u003eIn this episode, Cary expands on a new report -- \u0026#39;Sleight of Hand\u0026#39; -- that delves into the changing legal landscape for vulnerability disclosure in China, the PRC\u0026#39;s weaponization of software vulnerabilities, advanced threat actors in China and that infamous Bloomberg \u0026#39;rice grain\u0026#39; spy chip story.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Sleight of hand: How China weaponizes software vulnerabilities\" rel=\"nofollow\" href=\"https://www.atlanticcouncil.org/in-depth-research-reports/report/sleight-of-hand-how-china-weaponizes-software-vulnerability/\"\u003eSleight of hand: How China weaponizes software vulnerabilities\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dakota Cary on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/DakotaInDC?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor\"\u003eDakota Cary on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Moussouris: U.S. 
Should Resist Urge to Match China Vuln Reporting Mandate\" rel=\"nofollow\" href=\"https://www.securityweek.com/moussouris-us-should-resist-urge-match-china-vuln-reporting-mandate/\"\u003eMoussouris: U.S. Should Resist Urge to Match China Vuln Reporting Mandate\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CSRB Log4j incident report (PDF)\" rel=\"nofollow\" href=\"https://www.cisa.gov/sites/default/files/publications/CSRB-Report-on-Log4-July-11-2022_508.pdf\"\u003eCSRB Log4j incident report (PDF)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CISA China Cyber Threat Overview and Advisories\" rel=\"nofollow\" href=\"https://www.cisa.gov/topics/cyber-threats-and-advisories/advanced-persistent-threats/china\"\u003eCISA China Cyber Threat Overview and Advisories\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nDakota Cary is a nonresident fellow at the Atlantic Council’s Global China Hub, conducting research on China’s efforts to develop its hacking capabilities, artificial-intelligence and cybersecurity research at Chinese universities, the People’s Liberation Army’s efforts to automate software vulnerability discovery, and new policies to improve China’s cybersecurity-talent pipeline. 
\r\n\r\nIn this episode, Cary expands on a new report -- 'Sleight of Hand' -- that delves into the changing legal landscape for vulnerability disclosure in China, the PRC's weaponization of software vulnerabilities, nation state-backed threat actors in China and that infamous Bloomberg 'rice grain' spy chip story.","date_published":"2023-09-15T13:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/11696fa7-d330-4346-b5f1-078d7542cccd.mp3","mime_type":"audio/mpeg","size_in_bytes":51975872,"duration_in_seconds":3348}]},{"id":"013e4610-5aeb-4cb3-89d1-509db8c25ffd","title":"Abhishek Arya on Google's AI cybersecurity experiments","url":"https://securityconversations.fireside.fm/abhishek-arya-google-open-source-supply-chain","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nAbhishek Arya is director of engineering at Google, overseeing open source and supply chain security efforts that include OSS-Fuzz, SLSA, GUAC and OSV DB. 
\n\nIn this episode, Arya talks about some early success experimenting with AI and LLMs on fuzzing and vulnerability management, the industry's over-pivoting on SBOMs, regulations and liability for software vendors, and the long road ahead for securing software supply chains.Links:Abhishek Arya on LinkedInOSS-Fuzz: Continuous fuzzing for open source softwareGoogle Brings AI Magic to Fuzz TestingAI-Powered Fuzzing: Breaking the Bug Hunting BarrierAI Cyber Challenge","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eAbhishek Arya is director of engineering at Google, overseeing open source and supply chain security efforts that include OSS-Fuzz, SLSA, GUAC and OSV DB. 
\u003c/p\u003e\n\n\u003cp\u003eIn this episode, Arya talks about some early success experimenting with AI and LLMs on fuzzing and vulnerability management, the industry\u0026#39;s over-pivoting on SBOMs, regulations and liability for software vendors, and the long road ahead for securing software supply chains.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Abhishek Arya on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/abhishek-arya-a565373/\"\u003eAbhishek Arya on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"OSS-Fuzz: Continuous fuzzing for open source software\" rel=\"nofollow\" href=\"https://github.com/google/oss-fuzz/blob/master/README.md\"\u003eOSS-Fuzz: Continuous fuzzing for open source software\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Brings AI Magic to Fuzz Testing\" rel=\"nofollow\" href=\"https://www.securityweek.com/google-brings-ai-magic-to-fuzz-testing-with-eye-opening-results/\"\u003eGoogle Brings AI Magic to Fuzz Testing\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"AI-Powered Fuzzing: Breaking the Bug Hunting Barrier\" rel=\"nofollow\" href=\"https://security.googleblog.com/2023/08/ai-powered-fuzzing-breaking-bug-hunting.html\"\u003eAI-Powered Fuzzing: Breaking the Bug Hunting Barrier\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"AI Cyber Challenge\" rel=\"nofollow\" href=\"https://aicyberchallenge.com/\"\u003eAI Cyber Challenge\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nAbhishek Arya is director of engineering at Google, overseeing open source and supply chain security efforts that include OSS-Fuzz, SLSA, GUAC and OSV DB. 
\r\n\r\nIn this episode, Arya talks about some early success experimenting with AI and LLMs on fuzzing and vulnerability management, the industry's over-pivoting on SBOMs, regulations and liability for software vendors, and the long road ahead for securing software supply chains.","date_published":"2023-09-12T16:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/013e4610-5aeb-4cb3-89d1-509db8c25ffd.mp3","mime_type":"audio/mpeg","size_in_bytes":31344253,"duration_in_seconds":2007}]},{"id":"22e99482-8572-494f-9416-25773647d809","title":"Dr Sergey Bratus on the 'citizen science' of hacking","url":"https://securityconversations.fireside.fm/sergey-bratus-darpa-safedocs-ai-hacking","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nDr Sergey Bratus is a Research Associate Professor of Computer Science at Dartmouth College and a program manager at DARPA. In this episode, he discusses his pioneering work on securing parsers and patching long-forgotten devices. He also puts the AI hype into context and showers praise on the labor-of-love \"citizen science\" of hacking all the things.Links:Sergey Bratus Bio","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eDr Sergey Bratus is a Research Associate Professor of Computer Science at Dartmouth College and a program manager at DARPA. In this episode, he discusses his pioneering work on securing parsers and patching long-forgotten devices. 
He also puts the AI hype into context and showers praise on the labor-of-love \u0026quot;citizen science\u0026quot; of hacking all the things.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Sergey Bratus Bio\" rel=\"nofollow\" href=\"https://faculty-directory.dartmouth.edu/sergey-bratus\"\u003eSergey Bratus Bio\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nDr Sergey Bratus is a Research Associate Professor of Computer Science at Dartmouth College and a program manager at DARPA. In this episode, he discusses his pioneering work on securing parsers and patching long-forgotten devices. He also puts the AI hype into context and showers praise on the labor-of-love \"citizen science\" of hacking all the things.","date_published":"2023-08-31T06:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/22e99482-8572-494f-9416-25773647d809.mp3","mime_type":"audio/mpeg","size_in_bytes":34605660,"duration_in_seconds":2402}]},{"id":"7a6ea79b-20e5-402f-b50e-f2c1305e8569","title":"DARPA's Perri Adams on CTF hacking, new $20M AI Cyber Challenge","url":"https://securityconversations.fireside.fm/perri-adams-darpa-ai-cyber-challenge","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nDARPA program manager Perri Adams joins the conversation to chat about her love for CTF hacking competitions, the hunt for leapfrog security technologies in DARPA’s Information Innovation Office (I2O), and the goal of the new AI Cyber Challenge (AIxCC) offering $20 million in prizes to teams competing to develop AI-driven systems to automatically secure critical code.Links:DARPA AI Cyber Challenge Aims to Secure Nation’s Most Critical SoftwareAIxCC - AI Cyber ChallengeFollow Perri Adams on Twitter Google Brings AI Magic to Fuzz TestingAI-Powered 
Fuzzing: Breaking the Bug Hunting Barrier","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eDARPA program manager Perri Adams joins the conversation to chat about her love for CTF hacking competitions, the hunt for leapfrog security technologies in DARPA’s Information Innovation Office (I2O), and the goal of the new AI Cyber Challenge (AIxCC) offering $20 million in prizes to teams competing to develop AI-driven systems to automatically secure critical code.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"DARPA AI Cyber Challenge Aims to Secure Nation’s Most Critical Software\" rel=\"nofollow\" href=\"https://www.darpa.mil/news-events/2023-08-09\"\u003eDARPA AI Cyber Challenge Aims to Secure Nation’s Most Critical Software\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"AIxCC - AI Cyber Challenge\" rel=\"nofollow\" href=\"https://aicyberchallenge.com/\"\u003eAIxCC - AI Cyber Challenge\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Perri Adams on Twitter \" rel=\"nofollow\" href=\"https://twitter.com/perribus\"\u003eFollow Perri Adams on Twitter \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Brings AI Magic to Fuzz Testing\" rel=\"nofollow\" href=\"https://www.securityweek.com/google-brings-ai-magic-to-fuzz-testing-with-eye-opening-results/\"\u003eGoogle Brings AI Magic to Fuzz Testing\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"AI-Powered Fuzzing: Breaking the Bug Hunting Barrier\" rel=\"nofollow\" href=\"https://security.googleblog.com/2023/08/ai-powered-fuzzing-breaking-bug-hunting.html\"\u003eAI-Powered 
Fuzzing: Breaking the Bug Hunting Barrier\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nDARPA program manager Perri Adams joins the conversation to chat about her love for CTF hacking competitions, the hunt for leapfrog security technologies in DARPA’s Information Innovation Office (I2O), and the goal of the new AI Cyber Challenge (AIxCC) offering $20 million in prizes to teams competing to develop AI-driven systems to automatically secure critical code.","date_published":"2023-08-20T07:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/7a6ea79b-20e5-402f-b50e-f2c1305e8569.mp3","mime_type":"audio/mpeg","size_in_bytes":25532690,"duration_in_seconds":1607}]},{"id":"6fb48532-6cea-4136-b891-de4095a5f1fd","title":"Ryan Hurst on tech innovation and unsolved problems in security","url":"https://securityconversations.fireside.fm/ryan-hurst-peculiar-ventures","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nPeculiar Ventures chief executive Ryan Hurst joins the show to talk about a career that spanned 20 years at Microsoft and Google, his work building the plumbing for encryption on the web, unsolved problems in BGP security, the hype and promise of AI, and Microsoft's ongoing cloud security hiccups.Links:Projects - Peculiar VenturesRyan Hurst on LinkedInBinarly - AI-powered firmware securitySandboxAQ","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003ePeculiar Ventures chief executive Ryan Hurst 
joins the show to talk about a career that spanned 20 years at Microsoft and Google, his work building the plumbing for encryption on the web, unsolved problems in BGP security, the hype and promise of AI, and Microsoft\u0026#39;s ongoing cloud security hiccups.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Projects - Peculiar Ventures\" rel=\"nofollow\" href=\"https://peculiarventures.com/projects\"\u003eProjects - Peculiar Ventures\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ryan Hurst on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/ryanmhurst/\"\u003eRyan Hurst on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Binarly - AI-powered firmware security\" rel=\"nofollow\" href=\"https://binarly.io/capabilities\"\u003eBinarly - AI-powered firmware security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SandboxAQ\" rel=\"nofollow\" href=\"https://www.sandboxaq.com/\"\u003eSandboxAQ\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nPeculiar Ventures chief executive Ryan Hurst joins the show to talk about a career that spanned 20 years at Microsoft and Google, his work building the plumbing for encryption on the web, unsolved problems in BGP security, the hype and promise of AI, and Microsoft's ongoing cloud security hiccups.","date_published":"2023-08-16T07:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/6fb48532-6cea-4136-b891-de4095a5f1fd.mp3","mime_type":"audio/mpeg","size_in_bytes":35217292,"duration_in_seconds":2544}]},{"id":"c38cc994-c217-4b50-b5bb-07900a1bee04","title":"Jason Chan on Microsoft's security problems, layoffs and startups","url":"https://securityconversations.fireside.fm/jason-chan-bessemer-venture-partners","content_text":"Episode sponsors:\n\n\nBinarly 
(https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nBessemer Venture Partners' Jason Chan returns to the show for a frank discussion on the state of cyber, including thoughts on Microsoft's prominent security failures, the meaning of layoffs hitting security teams, the excitement around AI, and the long road ahead. The former Netflix security chief also talks about merging of the IT and security functions and the importance of cybersecurity proving its value to the business.Links:Jason Chan, VP, Information Security, NetflixJason Chan on LinkedInFollow Jason on Twitter / XJason Chan - Bessemer Venture Partners — Jason Chan is an operating advisor at Bessemer where he brings over twenty years of experience in cybersecurity and is especially passionate about large-scale systems, cloud security, and improving security in modern software development practices. Most recently, Jason built and led the information security team at Netflix for over a decade. His team at Netflix was known for its contributions to the security community, including over 30 open-source security releases and dozens of conference presentations. He also previously led the security team at VMware and spent most of his earlier career in security consulting. ","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eBessemer Venture Partners\u0026#39; Jason Chan returns to the show for a frank discussion on the state of cyber, including thoughts on Microsoft\u0026#39;s prominent security failures, the meaning of layoffs hitting security teams, the excitement around AI, and the long road ahead. 
The former Netflix security chief also talks about merging of the IT and security functions and the importance of cybersecurity proving its value to the business.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Jason Chan, VP, Information Security, Netflix\" rel=\"nofollow\" href=\"https://securityconversations.com/episode/jason-chan-vp-information-security-netflix/\"\u003eJason Chan, VP, Information Security, Netflix\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jason Chan on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/jasonbchan/\"\u003eJason Chan on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Jason on Twitter / X\" rel=\"nofollow\" href=\"https://twitter.com/chanjbs\"\u003eFollow Jason on Twitter / X\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jason Chan - Bessemer Venture Partners\" rel=\"nofollow\" href=\"https://www.bvp.com/team/jason-chan\"\u003eJason Chan - Bessemer Venture Partners\u003c/a\u003e \u0026mdash; Jason Chan is an operating advisor at Bessemer where he brings over twenty years of experience in cybersecurity and is especially passionate about large-scale systems, cloud security, and improving security in modern software development practices. Most recently, Jason built and led the information security team at Netflix for over a decade. His team at Netflix was known for its contributions to the security community, including over 30 open-source security releases and dozens of conference presentations. He also previously led the security team at VMware and spent most of his earlier career in security consulting. 
\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nBessemer Venture Partners' Jason Chan returns to the show for a frank discussion on the state of cyber, including thoughts on Microsoft's prominent security failures, the meaning of layoffs hitting security teams, the excitement around AI, and the long road ahead. The former Netflix security chief also talks about merging of the IT and security functions and the importance of cybersecurity proving its value to the business.","date_published":"2023-08-07T07:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/c38cc994-c217-4b50-b5bb-07900a1bee04.mp3","mime_type":"audio/mpeg","size_in_bytes":19285621,"duration_in_seconds":1627}]},{"id":"7532f1bd-4ebc-404a-9553-2f3339cc005f","title":"GitHub security chief Mike Hanley on secure coding, AI and SBOMs","url":"https://securityconversations.fireside.fm/mike-hanley-github","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nGitHub security chief Mike Hanley joins the show to discuss merging the CSO and SVP/Engineering roles, securing data and code in an organization under constant attack, the thrilling promise of AI to the future of secure code, the dangers of equating SBOMs to supply chain security, and new SEC reporting rules for CISOs.Links:Michael Hanley on LinkedInGitHub SecurityGitHub Copilot AI pair programmerBig Tech Vendors Object to US Gov SBOM Mandate","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eGitHub 
security chief Mike Hanley joins the show to discuss merging the CSO and SVP/Engineering roles, securing data and code in an organization under constant attack, the thrilling promise of AI to the future of secure code, the dangers of equating SBOMs to supply chain security, and new SEC reporting rules for CISOs.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Michael Hanley on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/michael-hanley-b6508913/\"\u003eMichael Hanley on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"GitHub Security\" rel=\"nofollow\" href=\"https://github.com/security\"\u003eGitHub Security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"GitHub Copilot AI pair programmer\" rel=\"nofollow\" href=\"https://github.com/features/copilot\"\u003eGitHub Copilot AI pair programmer\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Big Tech Vendors Object to US Gov SBOM Mandate\" rel=\"nofollow\" href=\"https://www.securityweek.com/big-tech-vendors-object-us-gov-sbom-mandate/\"\u003eBig Tech Vendors Object to US Gov SBOM Mandate\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nGitHub security chief Mike Hanley joins the show to discuss merging the CSO and SVP/Engineering roles, securing data and code in an organization under constant attack, the thrilling promise of AI to the future of secure code, the dangers of equating SBOMs to supply chain security, and new SEC reporting rules for CISOs.","date_published":"2023-08-02T07:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/7532f1bd-4ebc-404a-9553-2f3339cc005f.mp3","mime_type":"audio/mpeg","size_in_bytes":43779417,"duration_in_seconds":2429}]},{"id":"1c4c139f-1d8a-4f40-9cd2-f317b02723e3","title":"Jason Shockey, Chief Information Security Officer, 
Cenlar FSB","url":"https://securityconversations.fireside.fm/jason-shockey-ciso-cenlar-fsb","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nCenlar FSB security chief Jason Shockey joins the show to discuss the task of securing a financial institution, pivoting from a career in the military to the private sector, the current state of the job market, managing risk from APTs, and the mission of his My Cyberpath project.Links:Jason Shockey on LinkedInMy CyberpathJason Shockey joins Cenlar FSBNIST Cybersecurity Framework","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eCenlar FSB security chief Jason Shockey joins the show to discuss the task of securing a financial institution, pivoting from a career in the military to the private sector, the current state of the job market, managing risk from APTs, and the mission of his My Cyberpath project.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Jason Shockey on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/jason-shockey/\"\u003eJason Shockey on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"My Cyberpath\" rel=\"nofollow\" href=\"https://www.mycyberpath.com/\"\u003eMy Cyberpath\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jason Shockey joins Cenlar FSB\" rel=\"nofollow\" href=\"https://www.cenlar.com/about-cenlar/cenlar-news/cenlar-appoints-jason-shockey-to-chief-information-security-officer\"\u003eJason Shockey joins Cenlar FSB\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NIST Cybersecurity Framework\" 
rel=\"nofollow\" href=\"https://www.nist.gov/cyberframework\"\u003eNIST Cybersecurity Framework\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nCenlar FSB security chief Jason Shockey joins the show to discuss the task of securing a financial institution, pivoting from a career in the military to the private sector, the current state of the job market, managing risk from APTs, and the mission of his My Cyberpath project.","date_published":"2023-07-26T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1c4c139f-1d8a-4f40-9cd2-f317b02723e3.mp3","mime_type":"audio/mpeg","size_in_bytes":29816428,"duration_in_seconds":2027}]},{"id":"b66102f9-41e2-40e3-981c-48d2187a490d","title":"Federico Kirschbaum on a life in the Argentina hacking scene","url":"https://securityconversations.fireside.fm/federico-kirschbaum-faraday-argentina-hacking","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nFaraday chief executive Federico 'Fede' Kirschbaum joins the show to talk about building a startup in the vulnerability management space, the intricacies of the Argentinian hacking culture, stories of exploit writers and mercenary hackers, and the overwhelming U.S.-centric view of the cybersecurity industry.Links:Faraday at Black Hat 2023Fede on LinkedInFederico Kirschbaum on TwitterEkopartyPadding Oracles Everywhere (Rizzo/Duong)","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eFaraday chief executive Federico 
\u0026#39;Fede\u0026#39; Kirschbaum joins the show to talk about building a startup in the vulnerability management space, the intricacies of the Argentinian hacking culture, stories of exploit writers and mercenary hackers, and the overwhelming U.S.-centric view of the cybersecurity industry.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Faraday at Black Hat 2023\" rel=\"nofollow\" href=\"https://faradaysec.com/our-tools-go-to-black-hat/\"\u003eFaraday at Black Hat 2023\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fede on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/fedek/\"\u003eFede on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Federico Kirschbaum on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/fede_k\"\u003eFederico Kirschbaum on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ekoparty\" rel=\"nofollow\" href=\"https://ekoparty.org/\"\u003eEkoparty\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Padding Oracles Everywhere (Rizzo/Duong)\" rel=\"nofollow\" href=\"https://vimeo.com/15454510\"\u003ePadding Oracles Everywhere (Rizzo/Duong)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nFaraday chief executive Federico 'Fede' Kirschbaum joins the show to talk about building a startup in the vulnerability management space, the intricacies of the Argentinian hacking culture, stories of exploit writers and mercenary hackers, and the overwhelming U.S.-centric view of the cybersecurity industry.","date_published":"2023-07-19T06:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/b66102f9-41e2-40e3-981c-48d2187a490d.mp3","mime_type":"audio/mpeg","size_in_bytes":32506033,"duration_in_seconds":2521}]},{"id":"ba435301-e21a-48fa-86e5-f60fac79d8c7","title":"Kymberlee Price 
reflects on life at the MSRC, hacker/vendor engagement, bug bounties","url":"https://securityconversations.fireside.fm/kymberlee-price","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nProduct security executive Kymberlee Price joins the show to gab about life in the trenches at the Microsoft Security Response Center (MSRC), the challenges of maintaining healthy hacker/vendor relationships, the harsh realities of bug-bounty programs, and thoughts on the cybersecurity job market.Links:Kymberlee Price on LinkedInBlueHat Seattle Closing Remarks - YouTubeKeynote: Defenders Assemble - Kymberlee PriceBlueHat | Microsoft","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eProduct security executive Kymberlee Price joins the show to gab about life in the trenches at the Microsoft Security Response Center (MSRC), the challenges of maintaining healthy hacker/vendor relationships, the harsh realities of bug-bounty programs, and thoughts on the cybersecurity job market.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Kymberlee Price on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/kymberleeprice/\"\u003eKymberlee Price on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BlueHat Seattle Closing Remarks - YouTube\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=fDoejozUz2w\u0026amp;ab_channel=MicrosoftSecurityResponseCenter%28MSRC%29\"\u003eBlueHat Seattle Closing Remarks - YouTube\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Keynote: Defenders Assemble - Kymberlee Price\" 
rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=OG-YbSwN9VA\u0026amp;ab_channel=AppSecPacificNorthwest\"\u003eKeynote: Defenders Assemble - Kymberlee Price\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BlueHat | Microsoft\" rel=\"nofollow\" href=\"https://www.microsoft.com/bluehat/\"\u003eBlueHat | Microsoft\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nProduct security executive Kymberlee Price joins the show to gab about life in the trenches at the Microsoft Security Response Center (MSRC), the challenges of maintaining healthy hacker/vendor relationships, the harsh realities of bug-bounty programs, and thoughts on the cybersecurity job market.","date_published":"2023-07-12T09:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/ba435301-e21a-48fa-86e5-f60fac79d8c7.mp3","mime_type":"audio/mpeg","size_in_bytes":45477037,"duration_in_seconds":2918}]},{"id":"3d8d10bc-8c8d-4829-affb-597b12b849f3","title":"OpenSSF GM Omkhar Arasaratnam on open-source software security","url":"https://securityconversations.fireside.fm/omkhar-arasaratnam-open-source-security-foundation","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nNew General Manager of the Open Source Security Foundation (OpenSSF) Omkhar Arasaratnam joins Ryan for a candid conversation on the challenges surrounding open-source software security, lessons from the Log4j crisis, the value of SBOMs, and the U.S. 
government efforts at securing America's software supply chains.Links:OpenSSF Welcomes New General ManagerOpenSSF Alpha-OmegaCSRB report on Log4jBig Tech Object to US Gov SBOM MandateOmkhar Arasaratnam on LinkedIn","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eNew General Manager of the Open Source Security Foundation (OpenSSF) Omkhar Arasaratnam joins Ryan for a candid conversation on the challenges surrounding open-source software security, lessons from the Log4j crisis, the value of SBOMs, and the U.S. government efforts at securing America\u0026#39;s software supply chains.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"OpenSSF Welcomes New General Manager\" rel=\"nofollow\" href=\"https://openssf.org/press-release/2023/05/10/openssf-welcomes-new-members-veteran-cybersecurity-expert-as-general-manager-and-new-funding/\"\u003eOpenSSF Welcomes New General Manager\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"OpenSSF Alpha-Omega\" rel=\"nofollow\" href=\"https://openssf.org/community/alpha-omega/\"\u003eOpenSSF Alpha-Omega\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CSRB report on Log4j\" rel=\"nofollow\" href=\"https://www.cisa.gov/sites/default/files/publications/CSRB-Report-on-Log4-July-11-2022_508.pdf\"\u003eCSRB report on Log4j\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Big Tech Object to US Gov SBOM Mandate\" rel=\"nofollow\" href=\"https://www.securityweek.com/big-tech-vendors-object-us-gov-sbom-mandate/\"\u003eBig Tech Object to US Gov SBOM Mandate\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Omkhar 
Arasaratnam on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/omkhar/\"\u003eOmkhar Arasaratnam on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nNew General Manager of the Open Source Security Foundation (OpenSSF) Omkhar Arasaratnam joins the podcast for a candid conversation on the challenges surrounding open-source software security, lessons from the Log4j crisis, the value of SBOMs, and the U.S. government efforts at securing America's software supply chains.","date_published":"2023-07-05T06:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/3d8d10bc-8c8d-4829-affb-597b12b849f3.mp3","mime_type":"audio/mpeg","size_in_bytes":28989150,"duration_in_seconds":2171}]},{"id":"1209f95e-c427-482b-9ca9-7588a29fedbe","title":"Serial entrepreneur Rishi Bhargava on building another cybersecurity company","url":"https://securityconversations.fireside.fm/rishi-bhargava-descope","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nRishi Bhargava and the team of entrepreneurs behind Demisto’s $560 million exit are back at it with a new startup building technology in the customer identity market. 
The new company, called Descope, raised an abnormally large $53 million seed-stage funding round with ambitious plans to take on rivals big and small in the customer identity and authentication space.\n\nOn this episode of the podcast, Bhargava joins Ryan to talk about the VC funding landscape, the confusing 'identity' category, the responsibilities of vendors in the identity ecosystem, the emergence of Microsoft and Google as big security players, and some thoughts on the Israeli startup scene.Links:Rishi Bhargava on LinkedInDescope Targets Identity Market with Massive $53M Seed RoundPalo Alto Networks to acquire Demisto for $560M ","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eRishi Bhargava and the team of entrepreneurs behind Demisto’s $560 million exit are back at it with a new startup building technology in the customer identity market. 
The new company, called Descope, raised an abnormally large $53 million seed-stage funding round with ambitious plans to take on rivals big and small in the customer identity and authentication space.\u003c/p\u003e\n\n\u003cp\u003eOn this episode of the podcast, Bhargava joins Ryan to talk about the VC funding landscape, the confusing \u0026#39;identity\u0026#39; category, the responsibilities of vendors in the identity ecosystem, the emergence of Microsoft and Google as big security players, and some thoughts on the Israeli startup scene.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Rishi Bhargava on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/bhargavarishi/\"\u003eRishi Bhargava on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Descope Targets Identity Market with Massive $53M Seed Round\" rel=\"nofollow\" href=\"https://www.securityweek.com/descope-targets-customer-identity-market-with-massive-53m-seed-round/\"\u003eDescope Targets Identity Market with Massive $53M Seed Round\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Palo Alto Networks to acquire Demisto for $560M \" rel=\"nofollow\" href=\"https://techcrunch.com/2019/02/19/palo-alto-networks-to-acquire-demisto-for-560m/\"\u003ePalo Alto Networks to acquire Demisto for $560M \u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nRishi Bhargava and the team of entrepreneurs behind Demisto’s $560 million exit are back at it with a new startup building technology in the customer identity market. 
The new company, called Descope, raised an abnormally large $53 million seed-stage funding round with ambitious plans to take on rivals big and small in the customer identity and authentication space.\r\n\r\nOn this episode of the podcast, Bhargava joins Ryan to talk about the VC funding landscape, the confusing 'identity' category, the responsibilities of vendors in the identity ecosystem, the emergence of Microsoft and Google as big security players, and some thoughts on the Israeli startup scene.","date_published":"2023-04-10T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1209f95e-c427-482b-9ca9-7588a29fedbe.mp3","mime_type":"audio/mpeg","size_in_bytes":27304029,"duration_in_seconds":1952}]},{"id":"00323ad0-4a33-4873-951e-5c3d06fff940","title":"Claude Mandy on CISO priorities, data security principles","url":"https://securityconversations.fireside.fm/claude-mandy-data-security-posture-management","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nSymmetry Systems executive Claude Mandy joins the show to discuss a career in the security trenches, life as a CISO during the WannaCry crisis, and first principles around data security. 
We dig into the emerging Data Security Posture Management (DSPM) category and how it extends the Zero Trust philosophy to hybrid cloud data stores.Links:Claude Mandy on LinkedInWhat is Data Security Posture Management (DSPM)?The DataGuard SolutionFollow Claude Mandy on Twitter","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eSymmetry Systems executive Claude Mandy joins the show to discuss a career in the security trenches, life as a CISO during the WannaCry crisis, and first principles around data security. We dig into the emerging Data Security Posture Management (DSPM) category and how it extends the Zero Trust philosophy to hybrid cloud data stores.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Claude Mandy on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/claudemandy/\"\u003eClaude Mandy on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What is Data Security Posture Management (DSPM)?\" rel=\"nofollow\" href=\"https://www.symmetry-systems.com/blog/what-is-data-security-posture-management\"\u003eWhat is Data Security Posture Management (DSPM)?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The DataGuard Solution\" rel=\"nofollow\" href=\"https://www.symmetry-systems.com/product\"\u003eThe DataGuard Solution\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Claude Mandy on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/ClaudeMandy\"\u003eFollow Claude Mandy on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt 
(https://fwhunt.run)\r\n\r\nSymmetry Systems executive Claude Mandy joins the show to discuss a career in the security trenches, life as a CISO during the WannaCry crisis, and first principles around data security. We dig into the emerging Data Security Posture Management (DSPM) category and how it extends the Zero Trust philosophy to hybrid cloud data stores.","date_published":"2023-03-06T07:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/00323ad0-4a33-4873-951e-5c3d06fff940.mp3","mime_type":"audio/mpeg","size_in_bytes":26942052,"duration_in_seconds":2102}]},{"id":"517e5949-6bfd-4225-9a75-c3d75ebf7d4c","title":"Sidra Ahmed Lefort dishes on VC investments and cyber uncertainties","url":"https://securityconversations.fireside.fm/sidra-ahmed-lefort-munich-re-ventures","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nMunich Re Ventures investment principal Sidra Ahmed Lefort joins Ryan Naraine for a frank discussion on the state of VC funding in cybersecurity, the rise (and coming correction) in the land of security 'unicorns', the massive early-stage funding rounds and what they mean, layoffs and contractions, and the places in security still ripe for innovation.Links:Sidra Ahmed Lefort on LinkedInPortfolio | Munich Re VenturesWhat's Going on With Cybersecurity VC Investments?Video: VC View - Trends in Cybersecurity Innovation","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eMunich Re Ventures investment principal Sidra Ahmed Lefort joins Ryan Naraine for a frank discussion on the state of VC 
funding in cybersecurity, the rise (and coming correction) in the land of security \u0026#39;unicorns\u0026#39;, the massive early-stage funding rounds and what they mean, layoffs and contractions, and the places in security still ripe for innovation.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Sidra Ahmed Lefort on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/sidra-ahmed-lefort/\"\u003eSidra Ahmed Lefort on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Portfolio | Munich Re Ventures\" rel=\"nofollow\" href=\"https://www.munichre.com/mrv/en/portfolio.html\"\u003ePortfolio | Munich Re Ventures\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What\u0026#39;s Going on With Cybersecurity VC Investments?\" rel=\"nofollow\" href=\"https://www.securityweek.com/whats-going-cybersecurity-vc-investments/\"\u003eWhat\u0026#39;s Going on With Cybersecurity VC Investments?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Video: VC View - Trends in Cybersecurity Innovation\" rel=\"nofollow\" href=\"https://vimeo.com/755174743\"\u003eVideo: VC View - Trends in Cybersecurity Innovation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nMunich Re Ventures investment principal Sidra Ahmed Lefort joins Ryan for a frank discussion on the state of VC funding in cybersecurity, the rise (and coming fall?) 
of 'unicorns', the massive early-stage funding rounds and what they mean, layoffs and contractions, and the areas in security still ripe for innovation.","date_published":"2023-02-15T08:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/517e5949-6bfd-4225-9a75-c3d75ebf7d4c.mp3","mime_type":"audio/mpeg","size_in_bytes":27740001,"duration_in_seconds":1860}]},{"id":"95747fe6-4e2a-4243-a050-6d4ef55e27ac","title":"Paul Roberts on wins and losses in the 'right to repair' battle","url":"https://securityconversations.fireside.fm/paul-roberts-right-to-repair","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nSecuRepairs.org co-founder Paul Roberts joins the show to discuss his passion for the right to repair consumer electronic devices, the big-ticket lobbyists working to undermine the movement, and how changing consumer spending patterns are helping to rack up regulatory wins.Links:SecuRepairs MissionPaul Roberts, Editor-in-Chief, Security Ledger — Paul Roberts, Editor-in-Chief, Security LedgerPaul Roberts on TwitterFight to Repair SubstackTesla is a Vocal Opponent of the Right to Repair. Now we know why. — Tesla is a Vocal Opponent of the Right to Repair. 
Now we know why.","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eSecuRepairs.org co-founder Paul Roberts joins the show to discuss his passion for the right to repair consumer electronic devices, the big-ticket lobbyists working to undermine the movement, and how changing consumer spending patterns are helping to rack up regulatory wins.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"SecuRepairs Mission\" rel=\"nofollow\" href=\"https://securepairs.org/home/\"\u003eSecuRepairs Mission\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Paul Roberts, Editor-in-Chief, Security Ledger\" rel=\"nofollow\" href=\"https://securityconversations.com/episode/paul-roberts-editor-in-chief-security-ledger/\"\u003ePaul Roberts, Editor-in-Chief, Security Ledger\u003c/a\u003e \u0026mdash; Paul Roberts, Editor-in-Chief, Security Ledger\u003c/li\u003e\u003cli\u003e\u003ca title=\"Paul Roberts on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/paulfroberts\"\u003ePaul Roberts on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fight to Repair Substack\" rel=\"nofollow\" href=\"https://fighttorepair.substack.com/\"\u003eFight to Repair Substack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tesla is a Vocal Opponent of the Right to Repair. Now we know why.\" rel=\"nofollow\" href=\"https://fighttorepair.substack.com/p/teslas-a-vocal-opponent-of-the-right\"\u003eTesla is a Vocal Opponent of the Right to Repair. Now we know why.\u003c/a\u003e \u0026mdash; Tesla is a Vocal Opponent of the Right to Repair. 
Now we know why.\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nSecuRepairs.org co-founder Paul Roberts joins the show to discuss his passion for the right to repair consumer electronic devices, the big-ticket lobbyists working to undermine the movement, and how changing consumer spending patterns are helping to rack up regulatory wins. ","date_published":"2023-01-19T07:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/95747fe6-4e2a-4243-a050-6d4ef55e27ac.mp3","mime_type":"audio/mpeg","size_in_bytes":68531445,"duration_in_seconds":2852}]},{"id":"33d9d510-6496-4c3d-b118-e77fe9f9d710","title":"Katie Moussouris on where bug bounties went wrong","url":"https://securityconversations.fireside.fm/katie-moussouris-where-bug-bounties-went-wrong","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nLuta Security founder and chief executive Katie Moussouris joins the show to dish on the bug-bounty ecosystem, the abuse of hacker labor, and the common mistakes made by even the most mature security programs. 
A security industry pioneer, Moussouris argues for better use of bug bounty metrics to drive decisions and a heavy focus on reducing duplicate vulnerability submissions.Links:Katie Moussouris - WikipediaKatie Moussouris on TwitterLuta Security's Vulnerability Coordination Maturity ModelReferral Bounty | Luta Security","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eLuta Security founder and chief executive Katie Moussouris joins the show to dish on the bug-bounty ecosystem, the abuse of hacker labor, and the common mistakes made by even the most mature security programs. A security industry pioneer, Moussouris argues for better use of bug bounty metrics to drive decisions and a heavy focus on reducing duplicate vulnerability submissions.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Katie Moussouris - Wikipedia\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Katie_Moussouris\"\u003eKatie Moussouris - Wikipedia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Katie Moussouris on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/k8em0\"\u003eKatie Moussouris on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Luta Security\u0026#39;s Vulnerability Coordination Maturity Model\" rel=\"nofollow\" href=\"https://www.lutasecurity.com/vcmm\"\u003eLuta Security\u0026#39;s Vulnerability Coordination Maturity Model\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Referral Bounty | Luta Security\" rel=\"nofollow\" href=\"https://www.lutasecurity.com/referralbounty\"\u003eReferral Bounty | Luta 
Security\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nLuta Security founder and chief executive Katie Moussouris joins the show to dish on the bug-bounty ecosystem, the abuse of hacker labor, and the common mistakes made by even the most mature security programs. A security industry pioneer, Moussouris argues for better use of bug bounty metrics to drive decisions and a heavy focus on reducing duplicate vulnerability submissions.","date_published":"2022-12-08T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/33d9d510-6496-4c3d-b118-e77fe9f9d710.mp3","mime_type":"audio/mpeg","size_in_bytes":28878724,"duration_in_seconds":1998}]},{"id":"5e5c677b-2d28-448a-a72a-02495822d151","title":"Robinhood CSO Caleb Sima on a career in the security trenches","url":"https://securityconversations.fireside.fm/caleb-sima-cso-robinhood","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nCaleb Sima is a cybersecurity lifer now responsible for security at Robinhood, a mobile stock trading platform. 
Caleb joins Ryan on the show to discuss the early hacking scene in Atlanta, building SPI Dynamics into a webapp security powerhouse, the evolution of attack surfaces, the CISO's changing priorities, and more...Links:Caleb Sima on LinkedInHP Snaps up SPI DynamicsCaleb Sima (@csima) on TwitterRobinhood BioFirst 90 Days In the CISO Chair","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eCaleb Sima is a cybersecurity lifer now responsible for security at Robinhood, a mobile stock trading platform. Caleb joins Ryan on the show to discuss the early hacking scene in Atlanta, building SPI Dynamics into a webapp security powerhouse, the evolution of attack surfaces, the CISO\u0026#39;s changing priorities, and more...\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Caleb Sima on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/calebsima/\"\u003eCaleb Sima on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"HP Snaps up SPI Dynamics\" rel=\"nofollow\" href=\"https://www.networkworld.com/article/2291884/hp-aims-to-snatch-up-spi-dynamics.html\"\u003eHP Snaps up SPI Dynamics\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Caleb Sima (@csima) on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/csima?lang=en\"\u003eCaleb Sima (@csima) on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Robinhood Bio\" rel=\"nofollow\" href=\"https://investors.robinhood.com/governance/board-of-directors/person-details/default.aspx?ItemId=f7e9c07f-2d9a-4f0c-a069-b7824598ac8f\"\u003eRobinhood Bio\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca 
title=\"First 90 Days In the CISO Chair\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=aO2fQE4zHHw\u0026amp;ab_channel=RSAConference\"\u003eFirst 90 Days In the CISO Chair\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsors: \r\n\r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nCaleb Sima is a cybersecurity lifer now responsible for security at Robinhood, a mobile stock trading platform. Caleb joins Ryan on the show to discuss the early hacking scene in Atlanta, building SPI Dynamics into a webapp security powerhouse, the evolution of attack surfaces, the CISO's changing priorities, and more...","date_published":"2022-11-08T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/5e5c677b-2d28-448a-a72a-02495822d151.mp3","mime_type":"audio/mpeg","size_in_bytes":23037842,"duration_in_seconds":1838}]},{"id":"c59b2c9f-f374-403d-b8dc-684cac518d43","title":"Charlie Miller on hacking iPhones, Macbooks, Jeep and Self-Driving Cars","url":"https://securityconversations.fireside.fm/charlie-miller-hacking-iphones-self-driving-cars","content_text":"Episode sponsors:\n\n\nBinarly (https://binarly.io)\nFwHunt (https://fwhunt.run)\n\n\nFamed hacker Charlie Miller joins Ryan on the podcast to discuss a career in vulnerability research and software exploitation. Charlie talks about hacking iPhones and Macbooks at Pwn2Own, the 'No More Free Bugs' campaign, the Jeep hack that led to a recall and his current work securing Cruise's self-driving fleet. 
Plus, an interesting take on iOS Lockdown Mode.","content_html":"\u003cp\u003e\u003cstrong\u003eEpisode sponsors:\u003c/strong\u003e\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eBinarly (\u003ca href=\"https://binarly.io\" rel=\"nofollow\"\u003ehttps://binarly.io\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFwHunt (\u003ca href=\"https://fwhunt.run\" rel=\"nofollow\"\u003ehttps://fwhunt.run\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eFamed hacker Charlie Miller joins Ryan on the podcast to discuss a career in vulnerability research and software exploitation. Charlie talks about hacking iPhones and Macbooks at Pwn2Own, the \u0026#39;No More Free Bugs\u0026#39; campaign, the Jeep hack that led to a recall and his current work securing Cruise\u0026#39;s self-driving fleet. Plus, an interesting take on iOS Lockdown Mode.\u003c/p\u003e","summary":"Episode sponsors: \r\n- Binarly (https://binarly.io)\r\n- FwHunt (https://fwhunt.run)\r\n\r\nFamed hacker Charlie Miller joins Ryan on the podcast to discuss a career in vulnerability research and software exploitation. 
Charlie talks about hacking iPhones and Macbooks at Pwn2Own, the 'No More Free Bugs' campaign, the Jeep hack that led to a recall and his current work securing Cruise's self-driving fleet.","date_published":"2022-10-18T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/c59b2c9f-f374-403d-b8dc-684cac518d43.mp3","mime_type":"audio/mpeg","size_in_bytes":52629491,"duration_in_seconds":3540}]},{"id":"eefa9c91-fd32-43f6-bd09-7ddedda38914","title":"JAG-S on big-game malware hunting and a very mysterious APT","url":"https://securityconversations.fireside.fm/juan-andres-guerrero-saade","content_text":"\nEpisode sponsors: Binarly and FwHunt - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.\n\n\nSentinelLabs malware hunter Juan Andres Guerrero-Saade (JAG-S) returns to the show to discuss how big-game attribution has changed over the years, the nation-state APT landscape, Mudge and the nightmares facing CISOs, and a mysterious actor named Metador.Links:Report: The Mystery of MetadorJ. A. 
Guerrero-Saade on TwitterLABScon - Security Research in Real TimeResearchers Crowdsourcing Effort to Identify Mysterious Metador APT","content_html":"\u003cul\u003e\n\u003cli\u003eEpisode sponsors: \u003ca href=\"https://binarly.io/\" rel=\"nofollow\"\u003eBinarly\u003c/a\u003e and \u003ca href=\"https://fwhunt.run/\" rel=\"nofollow\"\u003eFwHunt\u003c/a\u003e - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eSentinelLabs malware hunter Juan Andres Guerrero-Saade (JAG-S) returns to the show to discuss how big-game attribution has changed over the years, the nation-state APT landscape, Mudge and the nightmares facing CISOs, and a mysterious actor named Metador.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Report: The Mystery of Metador\" rel=\"nofollow\" href=\"https://assets.sentinelone.com/sentinellabs22/metador\"\u003eReport: The Mystery of Metador\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"J. A. Guerrero-Saade on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/juanandres_gs\"\u003eJ. A. 
Guerrero-Saade on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LABScon - Security Research in Real Time\" rel=\"nofollow\" href=\"https://www.labscon.io/\"\u003eLABScon - Security Research in Real Time\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Researchers Crowdsourcing Effort to Identify Mysterious Metador APT\" rel=\"nofollow\" href=\"https://www.securityweek.com/researchers-crowdsourcing-effort-identify-mysterious-metador-apt\"\u003eResearchers Crowdsourcing Effort to Identify Mysterious Metador APT\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"* Episode sponsors: [Binarly](https://binarly.io/) and [FwHunt](https://fwhunt.run/) - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.\r\n\r\nSentinelLabs malware hunter Juan Andres Guerrero-Saade (JAG-S) returns to the show to discuss how big-game attribution has changed over the years, the nation-state APT landscape, Mudge and the nightmares facing CISOs, and a mysterious actor named Metador.","date_published":"2022-10-17T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/eefa9c91-fd32-43f6-bd09-7ddedda38914.mp3","mime_type":"audio/mpeg","size_in_bytes":41028733,"duration_in_seconds":3160}]},{"id":"04e22eb6-dc8d-4dae-af5b-44f4d4aca81d","title":"Chainguard's Dan Lorenc gets real on software supply chain problems","url":"https://securityconversations.fireside.fm/dan-lorenc-chainguard-supply-chain","content_text":"\nEpisode sponsors: Binarly and FwHunt - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.\n\n\nDan Lorenc and a team of ex-Googlers raised $55 million in early-stage funding to build technology to secure software supply chains. 
On this episode of the show, Dan joins Ryan to talk about the different faces of the supply chain problem, the security gaps that will never go away, the decision to raise an unusually large early-stage funding round, and how the U.S. government's efforts will speed up technology innovation. Links:Dan Lorenc on LinkedInChainguard EnforceSounil Yu on SBOMs, software supply chain securityExtending SBOMs to the firmware layerCybersecurity Leaders Scramble to Decipher SBOM Mandate","content_html":"\u003cul\u003e\n\u003cli\u003eEpisode sponsors: \u003ca href=\"https://binarly.io/\" rel=\"nofollow\"\u003eBinarly\u003c/a\u003e and \u003ca href=\"https://fwhunt.run/\" rel=\"nofollow\"\u003eFwHunt\u003c/a\u003e - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eDan Lorenc and a team of ex-Googlers raised $55 million in early-stage funding to build technology to secure software supply chains. On this episode of the show, Dan joins Ryan to talk about the different faces of the supply chain problem, the security gaps that will never go away, the decision to raise an unusually large early-stage funding round, and how the U.S. government\u0026#39;s efforts will speed up technology innovation. 
\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Dan Lorenc on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/danlorenc/\"\u003eDan Lorenc on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chainguard Enforce\" rel=\"nofollow\" href=\"https://www.chainguard.dev/chainguard-enforce\"\u003eChainguard Enforce\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sounil Yu on SBOMs, software supply chain security\" rel=\"nofollow\" href=\"https://securityconversations.com/episode/sounil-yu-on-sboms-software-supply-chain-security/\"\u003eSounil Yu on SBOMs, software supply chain security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Extending SBOMs to the firmware layer\" rel=\"nofollow\" href=\"https://securityconversations.com/extending-sboms-to-the-firmware-layer/\"\u003eExtending SBOMs to the firmware layer\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cybersecurity Leaders Scramble to Decipher SBOM Mandate\" rel=\"nofollow\" href=\"https://www.securityweek.com/cybersecurity-leaders-scramble-decipher-sbom-mandate\"\u003eCybersecurity Leaders Scramble to Decipher SBOM Mandate\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"* Episode sponsors: [Binarly](https://binarly.io/) and [FwHunt](https://fwhunt.run/) - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.\r\n\r\nDan Lorenc and a team of ex-Googlers raised $55 million in early-stage funding to build technology to secure software supply chains. On this episode of the show, Dan joins Ryan to talk about the different faces of the supply chain problem, the security gaps that will never go away, the decision to raise an unusually large early-stage funding round, and how the U.S. 
government's efforts will speed up technology innovation.","date_published":"2022-10-13T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/04e22eb6-dc8d-4dae-af5b-44f4d4aca81d.mp3","mime_type":"audio/mpeg","size_in_bytes":36469411,"duration_in_seconds":2827}]},{"id":"7a9eb978-4725-4bcf-8c04-525df6c2bcff","title":"Vinnie Liu discusses a life in the offensive security trenches","url":"https://securityconversations.fireside.fm/vinnie-liu-bishop-fox","content_text":"A conversation with Bishop Fox chief executive Vinnie Liu on the origins and evolution of the pentest services business, the emerging continuous attack surface management space, raising $75m as a 'growth mode' investment, cybersecurity's people problem, and much more...Links:Vinnie Liu on LinkedInVinnie Liu at MS BlueHat v8Anti-Drone Tools Tested: From Shotguns To Superdrones","content_html":"\u003cp\u003eA conversation with Bishop Fox chief executive Vinnie Liu on the origins and evolution of the pentest services business, the emerging continuous attack surface management space, raising $75m as a \u0026#39;growth mode\u0026#39; investment, cybersecurity\u0026#39;s people problem, and much more...\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Vinnie Liu on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/vinnieliu/\"\u003eVinnie Liu on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Vinnie Liu at MS BlueHat v8\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=WC7kpauRr9s\u0026amp;ab_channel=BishopFox\"\u003eVinnie Liu at MS BlueHat v8\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Anti-Drone Tools Tested: From Shotguns To Superdrones\" rel=\"nofollow\" href=\"https://www.wired.com/story/watch-anti-drone-weapons-test/\"\u003eAnti-Drone Tools Tested: From Shotguns To Superdrones\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"A conversation 
with Bishop Fox chief executive Vinnie Liu on the origins and evolution of the pentest services business, the emerging continuous attack surface management space, raising $75m as a 'growth mode' investment, cybersecurity's people problem, and much more...","date_published":"2022-08-07T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/7a9eb978-4725-4bcf-8c04-525df6c2bcff.mp3","mime_type":"audio/mpeg","size_in_bytes":162616279,"duration_in_seconds":4054}]},{"id":"496e9c57-c664-4955-817f-3885678f1c43","title":"Down memory lane with Snort and Sourcefire creator Marty Roesch","url":"https://securityconversations.fireside.fm/marty-roesch-snort-to-netography","content_text":"Network security pioneer Marty Roesch takes listeners on a trip down memory lane, sharing stories from the creation of Snort back in the 1990s, the startup journey of building Sourcefire into an IDS/IPS powerhouse and selling the company for $2 billion, the U.S. government killing a Check Point acquisition, and his newest adventure as chief executive at Netography.Links:Martin Roesch on LinkedInMartin Roesch - WikipediaMartin Roesch on TwitterThe early days of SnortCisco Banks On Sourcefire And Snort For Its Security FutureCheck Point Aborts Sourcefire AcquisitionMartin Roesch joins Netography as CEO","content_html":"\u003cp\u003eNetwork security pioneer Marty Roesch takes listeners on a trip down memory lane, sharing stories from the creation of Snort back in the 1990s, the startup journey of building Sourcefire into an IDS/IPS powerhouse and selling the company for $2 billion, the U.S. 
government killing a Check Point acquisition, and his newest adventure as chief executive at Netography.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Martin Roesch on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/maroesch/\"\u003eMartin Roesch on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Martin Roesch - Wikipedia\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Martin_Roesch\"\u003eMartin Roesch - Wikipedia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Martin Roesch on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/mroesch\"\u003eMartin Roesch on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The early days of Snort\" rel=\"nofollow\" href=\"https://packetstormsecurity.com/sniffers/snort/page10/\"\u003eThe early days of Snort\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cisco Banks On Sourcefire And Snort For Its Security Future\" rel=\"nofollow\" href=\"https://www.darkreading.com/perimeter/cisco-banks-on-sourcefire-and-snort-for-its-security-future\"\u003eCisco Banks On Sourcefire And Snort For Its Security Future\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Check Point Aborts Sourcefire Acquisition\" rel=\"nofollow\" href=\"https://www.eweek.com/security/check-point-aborts-sourcefire-acquisition/\"\u003eCheck Point Aborts Sourcefire Acquisition\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Martin Roesch joins Netography as CEO\" rel=\"nofollow\" href=\"https://netography.com/snort-inventor-and-sourcefire-founder-martin-roesch-joins-netography-as-ceo/\"\u003eMartin Roesch joins Netography as CEO\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Network security pioneer Marty Roesch takes listeners on a trip down memory lane, sharing stories from the creation of Snort back in the 1990s, the startup journey of building Sourcefire into an IDS/IPS powerhouse and selling the company for $2 
billion, the U.S. government killing a Check Point acquisition, and his newest adventure as chief executive at Netography.","date_published":"2022-07-25T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/496e9c57-c664-4955-817f-3885678f1c43.mp3","mime_type":"audio/mpeg","size_in_bytes":55669642,"duration_in_seconds":4054}]},{"id":"a7042944-dfc0-4106-81b0-ded42d786570","title":"Subbu Rama, co-founder and CEO, BalkanID","url":"https://securityconversations.fireside.fm/subbu-rama-balkan-id","content_text":"Serial entrepreneur Subbu Rama joins the show to talk about building a cybersecurity business, addressing the problem of entitlement sprawl and raising seed funding for intelligent access governance technology.Links:BalkanID Platform ArchitectureSubbu Rama on LinkedInSubbu Rama on Twitter","content_html":"\u003cp\u003eSerial entrepreneur Subbu Rama joins the show to talk about building a cybersecurity business, addressing the problem of entitlement sprawl and raising seed funding for intelligent access governance technology.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"BalkanID Platform Architecture\" rel=\"nofollow\" href=\"https://www.balkan.id/platform\"\u003eBalkanID Platform Architecture\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Subbu Rama on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/subburama/\"\u003eSubbu Rama on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Subbu Rama on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/Subburama\"\u003eSubbu Rama on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Serial entrepreneur Subbu Rama joins the show to talk about building a cybersecurity business, addressing the problem of entitlement sprawl and raising seed funding for intelligent access governance 
technology.","date_published":"2022-06-01T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/a7042944-dfc0-4106-81b0-ded42d786570.mp3","mime_type":"audio/mpeg","size_in_bytes":19120903,"duration_in_seconds":2057}]},{"id":"97c47b7c-f218-4b1b-a4ae-1322852da212","title":"Project Zero's Maddie Stone on the surge in zero-day discoveries","url":"https://securityconversations.fireside.fm/maddie-stone-project-zero","content_text":"Maddie Stone is a security researcher in Google's Project Zero team. Over the last few years, she has publicly tracked the discovery and disclosure of zero-day malware attacks seen in the wild. On this episode, Maddie joins Ryan to chat about three years of zero-day exploitation data, the nuances around 0day disclosures, the never-ending struggle to mitigate memory corruption attacks and the need for transparency among affected vendors.Links:A Year in Review of 0-days Used In-the-Wild in 2021Maddie Stone on LinkedIn0day \"In the Wild\" Spreadsheet\r\nMaddie Stone on Twitter","content_html":"\u003cp\u003eMaddie Stone is a security researcher in Google\u0026#39;s Project Zero team. Over the last few years, she has publicly tracked the discovery and disclosure of zero-day malware attacks seen in the wild. 
On this episode, Maddie joins Ryan to chat about three years of zero-day exploitation data, the nuances around 0day disclosures, the never-ending struggle to mitigate memory corruption attacks and the need for transparency among affected vendors.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"A Year in Review of 0-days Used In-the-Wild in 2021\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html\"\u003eA Year in Review of 0-days Used In-the-Wild in 2021\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Maddie Stone on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/maddie-stone-192a6544/\"\u003eMaddie Stone on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"0day \u0026quot;In the Wild\u0026quot; Spreadsheet\" rel=\"nofollow\" href=\"https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=0\"\u003e0day \u0026quot;In the Wild\u0026quot; Spreadsheet\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Maddie Stone on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/maddiestone\"\u003eMaddie Stone on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Maddie Stone is a security researcher in Google's Project Zero team. Over the last few years, she has publicly tracked the discovery and disclosure of zero-day malware attacks seen in the wild. 
On this episode, Maddie joins Ryan to chat about three years of zero-day exploitation data, the nuances around 0day disclosures, the never-ending struggle to mitigate memory corruption attacks and the need for transparency among affected vendors.","date_published":"2022-05-10T12:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/97c47b7c-f218-4b1b-a4ae-1322852da212.mp3","mime_type":"audio/mpeg","size_in_bytes":30298830,"duration_in_seconds":2530}]},{"id":"799a8835-058d-409d-b378-6f5f3e13c46e","title":"Prof. Mohit Tiwari on the future of securing data at scale","url":"https://securityconversations.fireside.fm/mohit-tiwari-symmetry-systems","content_text":"Symmetry Systems co-founder Mohit Tiwari has been studying data security and control flow access for more than a decade. On this episode of the podcast, he discusses his transition from academia to data security entrepreneurship, first principles around the data security and privacy, the exploding DSPM (data security posture management) space, and the mission to solve one of cybersecurity's biggest problems.Links:Mohit Tiwari | University of Texas at AustinMohit Tiwari on LinkedInFollow Mohit on TwitterSymmetry Systems DataGuardWhy is DSOS an unsolved problem?","content_html":"\u003cp\u003eSymmetry Systems co-founder Mohit Tiwari has been studying data security and control flow access for more than a decade. 
On this episode of the podcast, he discusses his transition from academia to data security entrepreneurship, first principles around the data security and privacy, the exploding DSPM (data security posture management) space, and the mission to solve one of cybersecurity\u0026#39;s biggest problems.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Mohit Tiwari | University of Texas at Austin\" rel=\"nofollow\" href=\"https://www.ece.utexas.edu/people/faculty/mohit-tiwari\"\u003eMohit Tiwari | University of Texas at Austin\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mohit Tiwari on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/mohit-tiwari8/\"\u003eMohit Tiwari on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Mohit on Twitter\" rel=\"nofollow\" href=\"https://mobile.twitter.com/mt_lattices\"\u003eFollow Mohit on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Symmetry Systems DataGuard\" rel=\"nofollow\" href=\"https://www.symmetry-systems.com/product\"\u003eSymmetry Systems DataGuard\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Why is DSOS an unsolved problem?\" rel=\"nofollow\" href=\"https://www.symmetry-systems.com/problem-dsos\"\u003eWhy is DSOS an unsolved problem?\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Symmetry Systems co-founder Mohit Tiwari has been studying data security and control flow access for more than a decade. 
On this episode of the podcast, he discusses his transition from academia to data security entrepreneurship, first principles around the data security and privacy, the exploding DSPM (data security posture management) space, and the mission to solve one of cybersecurity's biggest problems.","date_published":"2022-05-06T00:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/799a8835-058d-409d-b378-6f5f3e13c46e.mp3","mime_type":"audio/mpeg","size_in_bytes":34562435,"duration_in_seconds":2761}]},{"id":"fb354ea5-acaf-443d-a97d-373e1adc92b0","title":"Google's Shane Huntley on zero-days and the nation-state threat landscape","url":"https://securityconversations.fireside.fm/shane-huntley-google-tag","content_text":"Director at Google's Threat Analysis Group (TAG) Shane Huntley joins the show and talks about lessons from the 2009 Aurora attacks, the surge in zero-day discoveries, the usefulness of IOCs, North Korean APT operations, private sector mercenary hackers, the expanding nation-state threat actor map, and much more...Links:Shane Huntley on LinkedInTwitter: @ShaneHuntleyProject Zero: FORCEDENTRY Sandbox EscapeGoogle and Operation Aurora A walk through Google Project Zero metricsProject Zero: 0day \"In the Wild\" Database","content_html":"\u003cp\u003eDirector at Google\u0026#39;s Threat Analysis Group (TAG) Shane Huntley joins the show and talks about lessons from the 2009 Aurora attacks, the surge in zero-day discoveries, the usefulness of IOCs, North Korean APT operations, private sector mercenary hackers, the expanding nation-state threat actor map, and much more...\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Shane Huntley on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/shanehuntley/\"\u003eShane Huntley on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Twitter: @ShaneHuntley\" rel=\"nofollow\" 
href=\"https://mobile.twitter.com/shanehuntley\"\u003eTwitter: @ShaneHuntley\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Zero: FORCEDENTRY Sandbox Escape\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/2022/03/forcedentry-sandbox-escape.html\"\u003eProject Zero: FORCEDENTRY Sandbox Escape\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google and Operation Aurora \" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Operation_Aurora\"\u003eGoogle and Operation Aurora \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"A walk through Google Project Zero metrics\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/2022/02/a-walk-through-project-zero-metrics.html\"\u003eA walk through Google Project Zero metrics\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Zero: 0day \u0026quot;In the Wild\u0026quot; Database\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/p/0day.html\"\u003eProject Zero: 0day \u0026quot;In the Wild\u0026quot; Database\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Director at Google's Threat Analysis Group (TAG) Shane Huntley joins the show and talks about lessons from the 2009 Aurora attacks, the surge in zero-day discoveries, the usefulness of IOCs, North Korean APT operations, private sector mercenary hackers, the expanding nation-state threat actor map, and much more...","date_published":"2022-04-04T06:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/fb354ea5-acaf-443d-a97d-373e1adc92b0.mp3","mime_type":"audio/mpeg","size_in_bytes":79196359,"duration_in_seconds":2444}]},{"id":"12d22943-4ba7-4d5b-82db-f731cea697ef","title":"Lamont Orange, CISO, Netskope","url":"https://securityconversations.fireside.fm/lamont-orange-ciso-netskope","content_text":"Netskope security chief Lamont Orange joins the show to chat about the changing role of the Chief Information Security 
Officer (CISO), managing security as a business enabler, the cybersecurity skills shortage, and his own unique approach to security leadership.Links:Lamont Orange: A CISO's Point of View on Log4jFive minutes with Lamont OrangeLamont Orange columns on DarkReading","content_html":"\u003cp\u003eNetskope security chief Lamont Orange joins the show to chat about the changing role of the Chief Information Security Officer (CISO), managing security as a business enabler, the cybersecurity skills shortage, and his own unique approach to security leadership.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Lamont Orange: A CISO\u0026#39;s Point of View on Log4j\" rel=\"nofollow\" href=\"https://www.netskope.com/blog/a-cisos-point-of-view-on-log4j\"\u003eLamont Orange: A CISO\u0026#39;s Point of View on Log4j\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Five minutes with Lamont Orange\" rel=\"nofollow\" href=\"https://www.securitymagazine.com/articles/95493-minutes-with-lamont-orange---fostering-a-security-first-culture-with-sase-adoption\"\u003eFive minutes with Lamont Orange\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Lamont Orange columns on DarkReading\" rel=\"nofollow\" href=\"https://www.darkreading.com/author/lamont-orange\"\u003eLamont Orange columns on DarkReading\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Netskope security chief Lamont Orange joins the show to chat about the changing role of the Chief Information Security Officer (CISO), managing security as a business enabler, the cybersecurity skills shortage, and his own unique approach to security 
leadership.","date_published":"2022-03-21T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/12d22943-4ba7-4d5b-82db-f731cea697ef.mp3","mime_type":"audio/mpeg","size_in_bytes":22732322,"duration_in_seconds":1562}]},{"id":"1e1458ae-78d3-445a-8b8a-42cee0397f6c","title":"Haroon Meer on the business of cybersecurity ","url":"https://securityconversations.fireside.fm/haroon-meer-thinkst","content_text":"Thinkst founder and CEO Haroon Meer joins Ryan Naraine on the show to talk about building a successful cybersecurity company without venture capital investment, fast-moving attack surfaces and the never-ending battle to mitigate memory corruption issues.Links:Haroon Meer on TwitterThinkst: We bootstrapped to $11 million in ARRMemory Corruption and Hacker FolkloreThinkst CanaryPodcast: Haroon Meer, Thinkst Applied Research","content_html":"\u003cp\u003eThinkst founder and CEO Haroon Meer joins Ryan Naraine on the show to talk about building a successful cybersecurity company without venture capital investment, fast-moving attack surfaces and the never-ending battle to mitigate memory corruption issues.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Haroon Meer on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/haroonmeer\"\u003eHaroon Meer on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Thinkst: We bootstrapped to $11 million in ARR\" rel=\"nofollow\" href=\"https://blog.thinkst.com/2021/03/we-bootstrapped-to-11-million-in-arr.html\"\u003eThinkst: We bootstrapped to $11 million in ARR\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Memory Corruption and Hacker Folklore\" rel=\"nofollow\" href=\"https://blog.thinkst.com/2010/05/memory-corruption-and-hacker-folklore.html\"\u003eMemory Corruption and Hacker Folklore\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Thinkst Canary\" rel=\"nofollow\" 
href=\"https://canary.tools/\"\u003eThinkst Canary\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Podcast: Haroon Meer, Thinkst Applied Research\" rel=\"nofollow\" href=\"https://securityconversations.com/episode/haroon-meer-ceo-thinkst-applied-research/\"\u003ePodcast: Haroon Meer, Thinkst Applied Research\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Thinkst founder and CEO Haroon Meer joins Ryan Naraine on the show to talk about building a successful cybersecurity company without venture capital investment, fast-moving attack surfaces and the never-ending battle to mitigate memory corruption issues.","date_published":"2022-03-19T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1e1458ae-78d3-445a-8b8a-42cee0397f6c.mp3","mime_type":"audio/mpeg","size_in_bytes":58885756,"duration_in_seconds":4512}]},{"id":"d26fa37e-4956-44ec-922d-de42c4ebf58f","title":"Tony Pepper, co-founder and CEO, Egress","url":"https://securityconversations.fireside.fm/tony-pepper-egress","content_text":"Chief executive officer at Egress Tony Pepper joins the show to talk about entrepreneurship in the fast-paced age of modern computing, the state of e-mail security, and his company's bet on securing the future of messaging in the enterprise.Links:About EgressTony Pepper on LinkedInInfoSecurity Interview: Tony Pepper ","content_html":"\u003cp\u003eChief executive officer at Egress Tony Pepper joins the show to talk about entrepreneurship in the fast-paced age of modern computing, the state of e-mail security, and his company\u0026#39;s bet on securing the future of messaging in the enterprise.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"About Egress\" rel=\"nofollow\" href=\"https://www.egress.com/about\"\u003eAbout Egress\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tony Pepper on LinkedIn\" rel=\"nofollow\" 
href=\"https://www.linkedin.com/in/tony-pepper-023298\"\u003eTony Pepper on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"InfoSecurity Interview: Tony Pepper \" rel=\"nofollow\" href=\"https://www.infosecurity-magazine.com/interviews/tony-pepper-egress-acquisition/\"\u003eInfoSecurity Interview: Tony Pepper \u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Chief executive officer at Egress Tony Pepper joins the show to talk about entrepreneurship in the fast-paced age of modern computing, the state of e-mail security, and his company's bet on securing the future of messaging in the enterprise.","date_published":"2022-02-22T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/d26fa37e-4956-44ec-922d-de42c4ebf58f.mp3","mime_type":"audio/mpeg","size_in_bytes":22890355,"duration_in_seconds":1177}]},{"id":"367c5dd6-8956-42a5-b804-887991a31ff3","title":"Microsoft's Justin Campbell on offensive security research","url":"https://securityconversations.fireside.fm/justin-campbell-microsoft","content_text":"Justin Campbell leads Microsoft’s Offensive Research and Security Engineering (MORSE) team. He joins the show to talk about his team's discovery of a SolarWinds in-the-wild zero-day, the never-ending stream of memory safety vulnerabilities, the evolving 'shift-left' mindset and Redmond's ongoing work to reduce attack surfaces.Links:Microsoft Flags SolarWinds Serv-U 0-day exploitSolarWinds Serv-U RCE advisoryIn-the-wild zero-day counterHacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation","content_html":"\u003cp\u003eJustin Campbell leads Microsoft’s Offensive Research and Security Engineering (MORSE) team. 
He joins the show to talk about his team\u0026#39;s discovery of a SolarWinds in-the-wild zero-day, the never-ending stream of memory safety vulnerabilities, the evolving \u0026#39;shift-left\u0026#39; mindset and Redmond\u0026#39;s ongoing work to reduce attack surfaces.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Microsoft Flags SolarWinds Serv-U 0-day exploit\" rel=\"nofollow\" href=\"https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit/\"\u003eMicrosoft Flags SolarWinds Serv-U 0-day exploit\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SolarWinds Serv-U RCE advisory\" rel=\"nofollow\" href=\"https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211\"\u003eSolarWinds Serv-U RCE advisory\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"In-the-wild zero-day counter\" rel=\"nofollow\" href=\"https://www.zero-day.cz/\"\u003eIn-the-wild zero-day counter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Hacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation\" rel=\"nofollow\" href=\"https://www.securityweek.com/microsoft-hacked-solarwinds-ftp-software-lacked-basic-anti-exploit-mitigation\"\u003eHacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Justin Campbell leads Microsoft’s Offensive Research and Security Engineering (MORSE) team. 
He joins the show to talk about his team's discovery of a SolarWinds in-the-wild zero-day, the never-ending stream of memory safety vulnerabilities, the evolving 'shift-left' mindset and Redmond's ongoing work to reduce attack surfaces.","date_published":"2022-01-08T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/367c5dd6-8956-42a5-b804-887991a31ff3.mp3","mime_type":"audio/mpeg","size_in_bytes":23909293,"duration_in_seconds":1636}]},{"id":"e7355605-c0fe-41c9-b55d-6f2775d8cc86","title":"Costin Raiu on the .gov mobile exploitation business","url":"https://securityconversations.fireside.fm/costin-raiu-mobile-exploitation","content_text":"Global director of Kaspersky's GReAT research team Costin Raiu returns to the show for an in-depth discussion on the mobile surveillance business, the technically impressive FORCEDENTRY iOS exploit, the ethical questions facing exploit developers and the role of venture capitalists in the mobile malware ecosystem.Links:Google Says NSO Pegasus Zero-Click 'Most Technically Sophisticated Exploit Ever Seen'Project Zero: A deep dive into an NSO zero-click iMessage exploitThe Million Dollar Dissident: NSO Group's iPhone Zero-DaysPegasus vs. 
Predator: Doubly-Infected iPhone Reveals Cytrox Mercenary VendorProliferation of Cyber Capabilities in International Arms Markets","content_html":"\u003cp\u003eGlobal director of Kaspersky\u0026#39;s GReAT research team Costin Raiu returns to the show for an in-depth discussion on the mobile surveillance business, the technically impressive FORCEDENTRY iOS exploit, the ethical questions facing exploit developers and the role of venture capitalists in the mobile malware ecosystem.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Google Says NSO Pegasus Zero-Click \u0026#39;Most Technically Sophisticated Exploit Ever Seen\u0026#39;\" rel=\"nofollow\" href=\"https://www.securityweek.com/google-says-nso-pegasus-zero-click-most-technically-sophisticated-exploit-ever-seen\"\u003eGoogle Says NSO Pegasus Zero-Click \u0026#39;Most Technically Sophisticated Exploit Ever Seen\u0026#39;\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Zero: A deep dive into an NSO zero-click iMessage exploit\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html\"\u003eProject Zero: A deep dive into an NSO zero-click iMessage exploit\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Million Dollar Dissident: NSO Group\u0026#39;s iPhone Zero-Days\" rel=\"nofollow\" href=\"https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/\"\u003eThe Million Dollar Dissident: NSO Group\u0026#39;s iPhone Zero-Days\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Pegasus vs. Predator: Doubly-Infected iPhone Reveals Cytrox Mercenary Vendor\" rel=\"nofollow\" href=\"https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware/\"\u003ePegasus vs. 
Predator: Doubly-Infected iPhone Reveals Cytrox Mercenary Vendor\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Proliferation of Cyber Capabilities in International Arms Markets\" rel=\"nofollow\" href=\"https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/surveillance-technology-at-the-fair/\"\u003eProliferation of Cyber Capabilities in International Arms Markets\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Global director of Kaspersky's GReAT research team Costin Raiu returns to the show for an in-depth discussion on the mobile surveillance business, the technically impressive FORCEDENTRY iOS exploit, the ethical questions facing exploit developers and the role of venture capitalists in the mobile malware ecosystem.","date_published":"2021-12-23T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/e7355605-c0fe-41c9-b55d-6f2775d8cc86.mp3","mime_type":"audio/mpeg","size_in_bytes":39704215,"duration_in_seconds":2478}]},{"id":"718dc2f2-0bd5-4d83-a950-cd8fc0f60b12","title":"Amanda Gorton, co-founder and CEO, Corellium","url":"https://securityconversations.fireside.fm/amanda-gorton-corellium","content_text":"Corellium co-founder and chief executive Amanda Gorton joins the show to talk about raising $25 million in Series A funding, the market fit for device modeling and software virtualization products, the trials and tribulations of startup life, and the nuances of operating in the world of offensive security research.Links:Corellium Secures $25M Series A RoundCorellium Lands $25 Million Investment for Virtualization TechCorellium for Journalists","content_html":"\u003cp\u003eCorellium co-founder and chief executive Amanda Gorton joins the show to talk about raising $25 million in Series A funding, the market fit for device modeling and software virtualization products, the trials and tribulations of startup life, and the nuances of operating in the world of 
offensive security research.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Corellium Secures $25M Series A Round\" rel=\"nofollow\" href=\"https://www.businesswire.com/news/home/20211216005045/en/Corellium-Secures-25M-Series-A-Round-Led-by-Paladin-Capital-Group-with-Participation-from-Cisco-Investments\"\u003eCorellium Secures $25M Series A Round\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Corellium Lands $25 Million Investment for Virtualization Tech\" rel=\"nofollow\" href=\"https://www.securityweek.com/corellium-lands-25-million-investment-virtualization-tech\"\u003eCorellium Lands $25 Million Investment for Virtualization Tech\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Corellium for Journalists\" rel=\"nofollow\" href=\"https://www.corellium.com/journalists\"\u003eCorellium for Journalists\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Corellium co-founder and chief executive Amanda Gorton joins the show to talk about raising $25 million in Series A funding, the market fit for device modeling and software virtualization products, the trials and tribulations of startup life, and the nuances of operating in the world of offensive security research.","date_published":"2021-12-20T16:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/718dc2f2-0bd5-4d83-a950-cd8fc0f60b12.mp3","mime_type":"audio/mpeg","size_in_bytes":44159937,"duration_in_seconds":2780}]},{"id":"a0a3b03b-d1b1-4fb9-8735-8a6636b693fd","title":"Intel's Venky Venkateswaran on hardware-enabled security","url":"https://securityconversations.fireside.fm/venky-venkateswaran-intel","content_text":"Venky Venkateswaran works on client security and roadmap planning at Intel Corp. 
On this episode of the podcast, Venky joins Ryan to talk about a reported surge in firmware attacks, Intel's ongoing investments in cybersecurity, the importance of transparency and open documentation, and the company's push to fight ransomware with its flagship TDT (Threat Detection Technology).Links:\u0026gt; Extending SBOMs to the firmware layer\u0026gt; Hardware Based Security for Business (Intel)\u0026gt; Alex Matrosov on the state of firmware security\u0026gt; Microsoft Launches JIT-Free 'Super Duper Secure Mode' Edge Browser Experiment","content_html":"\u003cp\u003eVenky Venkateswaran works on client security and roadmap planning at Intel Corp. On this episode of the podcast, Venky joins Ryan to talk about a reported surge in firmware attacks, Intel\u0026#39;s ongoing investments in cybersecurity, the importance of transparency and open documentation, and the company\u0026#39;s push to fight ransomware with its flagship TDT (Threat Detection Technology).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"\u0026gt; Extending SBOMs to the firmware layer\" rel=\"nofollow\" href=\"https://securityconversations.com/extending-sboms-to-the-firmware-layer/\"\u003e\u0026gt; Extending SBOMs to the firmware layer\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"\u0026gt; Hardware Based Security for Business (Intel)\" rel=\"nofollow\" href=\"https://www.intel.com/content/www/us/en/business/enterprise-computers/hardware-security.html\"\u003e\u0026gt; Hardware Based Security for Business (Intel)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"\u0026gt; Alex Matrosov on the state of firmware security\" rel=\"nofollow\" href=\"https://securityconversations.com/episode/alex-matrosov-on-the-state-of-security-at-the-firmware-layer/\"\u003e\u0026gt; Alex Matrosov on the state of firmware security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"\u0026gt; Microsoft Launches JIT-Free \u0026#39;Super Duper Secure 
Mode\u0026#39; Edge Browser Experiment\" rel=\"nofollow\" href=\"https://www.securityweek.com/microsoft-launches-jit-free-super-duper-secure-mode-edge-browser-experiment\"\u003e\u0026gt; Microsoft Launches JIT-Free \u0026#39;Super Duper Secure Mode\u0026#39; Edge Browser Experiment\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Venky Venkateswaran works on client security and roadmap planning at Intel Corp. On this episode of the podcast, Venky joins Ryan to talk about a reported surge in firmware attacks, Intel's ongoing investments in cybersecurity, the importance of transparency and open documentation, and the company's push to fight ransomware with its flagship TDT (Threat Detection Technology).","date_published":"2021-09-09T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/a0a3b03b-d1b1-4fb9-8735-8a6636b693fd.mp3","mime_type":"audio/mpeg","size_in_bytes":31052415,"duration_in_seconds":2120}]},{"id":"ca890116-c6d7-4107-8c9d-b4b64ed28927","title":"Sounil Yu on SBOMs, software supply chain security","url":"https://securityconversations.fireside.fm/sounil-yu-sboms-supply-chain-security","content_text":"Episode sponsored by SecurityWeek.com\n\nJupiterOne CISO Sounil Yu joins the show to sift through the noise and explain the value of SBOMs (software bill of materials), the U.S. government's response to software supply chain security gaps, and what every buyer and seller should be doing to prepare for major changes in the ecosystem.","content_html":"\u003cp\u003eEpisode sponsored by SecurityWeek.com\u003c/p\u003e\n\n\u003cp\u003eJupiterOne CISO Sounil Yu joins the show to sift through the noise and explain the value of SBOMs (software bill of materials), the U.S. 
government\u0026#39;s response to software supply chain security gaps, and what every buyer and seller should be doing to prepare for major changes in the ecosystem.\u003c/p\u003e","summary":"Episode sponsored by SecurityWeek.com\r\n\r\nJupiterOne CISO Sounil Yu joins the show to sift through the noise and explain the value of SBOMs (software bill of materials), the U.S. government's response to software supply chain security gaps, and what every buyer and seller should be doing to prepare for major changes in the ecosystem.","date_published":"2021-07-13T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/ca890116-c6d7-4107-8c9d-b4b64ed28927.mp3","mime_type":"audio/mpeg","size_in_bytes":58362999,"duration_in_seconds":2906}]},{"id":"af2bae60-6a2d-49d3-856d-5cabb850cfc1","title":"Algirde Pipikaite, Centre for Cybersecurity, World Economic Forum","url":"https://securityconversations.fireside.fm/algirde-pipikaite-world-economic-forum","content_text":"Episode sponsored by MongoDB.com.\n\nAlgirde Pipikaite, the project lead of the Governance and Policy team at the Center for Cybersecurity at the World Economic Forum, joins the podcast to discuss her work to bridge the gap between cybersecurity experts and decision makers. We chat about communicating risk to different audiences, cybersecurity as a business enabler, and the need for more global private-public collaboration.Links:Algirde Pipikaite ProfileDeveloping the Future of Policy for CybersecurityCNBC: Cyberattacks on the rise amid coronavirus crisis, WEF expert says","content_html":"\u003cp\u003eEpisode sponsored by MongoDB.com.\u003c/p\u003e\n\n\u003cp\u003eAlgirde Pipikaite, the project lead of the Governance and Policy team at the Center for Cybersecurity at the World Economic Forum, joins the podcast to discuss her work to bridge the gap between cybersecurity experts and decision makers. 
We chat about communicating risk to different audiences, cybersecurity as a business enabler, and the need for more global private-public collaboration.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Algirde Pipikaite Profile\" rel=\"nofollow\" href=\"https://www.weforum.org/agenda/authors/algirde-pipikaite\"\u003eAlgirde Pipikaite Profile\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Developing the Future of Policy for Cybersecurity\" rel=\"nofollow\" href=\"https://www.hks.harvard.edu/educational-programs/executive-education/executive-education-alumni/executive-education-alumni-13\"\u003eDeveloping the Future of Policy for Cybersecurity\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CNBC: Cyberattacks on the rise amid coronavirus crisis, WEF expert says\" rel=\"nofollow\" href=\"https://www.cnbc.com/video/2020/05/22/cyberattacks-on-the-rise-amid-coronavirus-crisis-wef-expert-says.html\"\u003eCNBC: Cyberattacks on the rise amid coronavirus crisis, WEF expert says\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Episode sponsored by MongoDB.com.\r\n\r\nAlgirde Pipikaite, the project lead of the Governance and Policy team at the Center for Cybersecurity at the World Economic Forum, joins the podcast to discuss her work to bridge the gap between cybersecurity experts and decision makers. 
We chat about communicating risk to different audiences, cybersecurity as a business enabler, and the need for more global private-public collaboration.\r\nAlgirde Pipikaite, the project lead of the Governance and Policy team at the Center for Cybersecurity at the World Economic Forum, joins the podcast to discuss her work to bridge the gap between cybersecurity experts and decision makers at the highest levels to reinforce the importance of cybersecurity as a key strategic priority.","date_published":"2021-07-06T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/af2bae60-6a2d-49d3-856d-5cabb850cfc1.mp3","mime_type":"audio/mpeg","size_in_bytes":26866644,"duration_in_seconds":2402}]},{"id":"1aefd66d-be45-405a-a030-d0e2d9a9e51e","title":"Josh Schwartz on red-teaming and proactive security engineering","url":"https://securityconversations.fireside.fm/josh-schwartz-verizon-media-yahoo","content_text":"Josh Schwartz, aka FuzzyNop, oversees offensive security, product engineering, and security engagement functions at Verizon Media (soon to be Yahoo). He shares insights on red-teaming, overcoming the adversarial relationship between red/blue teams, chasing the \"feeling\" of being secure, and why there's a need for more empathy in cybersecurity. \n\n(Episode sponsored by Eclypsium)","content_html":"\u003cp\u003eJosh Schwartz, aka FuzzyNop, oversees offensive security, product engineering, and security engagement functions at Verizon Media (soon to be Yahoo). He shares insights on red-teaming, overcoming the adversarial relationship between red/blue teams, chasing the \u0026quot;feeling\u0026quot; of being secure, and why there\u0026#39;s a need for more empathy in cybersecurity. 
\u003c/p\u003e\n\n\u003cp\u003e(\u003ca href=\"https://eclypsium.com\" rel=\"nofollow\"\u003eEpisode sponsored by Eclypsium\u003c/a\u003e)\u003c/p\u003e","summary":"Josh Schwartz, aka FuzzyNop, oversees offensive security, product engineering, and security engagement functions at Verizon Media (soon to be Yahoo). He shares insights on red-teaming, overcoming the adversarial relationship between red/blue teams, chasing the \"feeling\" of being secure, and why there's a need for more empathy in cybersecurity. \r\n\r\n(Episode sponsored by Eclypsium)","date_published":"2021-06-18T10:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1aefd66d-be45-405a-a030-d0e2d9a9e51e.mp3","mime_type":"audio/mpeg","size_in_bytes":30521046,"duration_in_seconds":2277}]},{"id":"96f77b2a-f94c-4b25-9870-8652ddaffaa0","title":"Michael Laventure, threat detection and response, Netflix","url":"https://securityconversations.fireside.fm/michael-laventure-netflix-threat-intel","content_text":"Netflix threat detection and response practitioner Michael Laventure joins the show to talk about a simple goal to \"do security better.\" We discuss a transition from .gov security work to the fast pace of Silicon Valley, the culture clashes that can make life difficult, the value of threat-intelligence to a modern security program, and why we should all be optimistic about the future of cybersecurity.","content_html":"\u003cp\u003eNetflix threat detection and response practitioner Michael Laventure joins the show to talk about a simple goal to \u0026quot;do security better.\u0026quot; We discuss a transition from .gov security work to the fast pace of Silicon Valley, the culture clashes that can make life difficult, the value of threat-intelligence to a modern security program, and why we should all be optimistic about the future of cybersecurity.\u003c/p\u003e","summary":"Netflix threat detection and response practitioner Michael Laventure 
joins the show to talk about a simple goal to \"do security better.\" We discuss a transition from .gov security work to the fast pace of Silicon Valley, the culture clashes that can make life difficult, the value of threat-intelligence to a modern security program, and why we should all be optimistic about the future of cybersecurity.","date_published":"2021-06-10T08:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/96f77b2a-f94c-4b25-9870-8652ddaffaa0.mp3","mime_type":"audio/mpeg","size_in_bytes":23563004,"duration_in_seconds":1832}]},{"id":"97a0eeb7-c6f6-4757-9cf5-bbd21380223f","title":"Google's Heather Adkins on defenders playing the long game","url":"https://securityconversations.fireside.fm/heather-adkins-google-security","content_text":"Founding-member of the Google security team Heather Adkins joins the conversation to stress the importance of defenders playing the \"long-game,\" the need for meaningful culture-change among security leaders, the expansion of zero-trust beyond identities and devices, and some thoughts on the future of electronic voting.\n\nSponsored by Eclypsium:\nEclypsium ships an enterprise device platform that provides visibility and mitigation for malicious activity all the way down to the firmware and hardware level. Think of it as one platform to discover, inventory, assess risk, patch, and detect compromises and supply chain breaches across your entire fleet of devices. 
Request a demo at Eclypsium.com.","content_html":"\u003cp\u003eFounding-member of the Google security team Heather Adkins joins the conversation to stress the importance of defenders playing the \u0026quot;long-game,\u0026quot; the need for meaningful culture-change among security leaders, the expansion of zero-trust beyond identities and devices, and some thoughts on the future of electronic voting.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eSponsored by Eclypsium:\u003c/strong\u003e\u003cbr\u003e\nEclypsium ships an enterprise device platform that provides visibility and mitigation for malicious activity all the way down to the firmware and hardware level. Think of it as one platform to discover, inventory, assess risk, patch, and detect compromises and supply chain breaches across your entire fleet of devices. \u003ca href=\"https://eclypsium.com\" rel=\"nofollow\"\u003eRequest a demo at Eclypsium.com\u003c/a\u003e.\u003c/p\u003e","summary":"Founding-member of the Google security team Heather Adkins joins the conversation to stress the importance of defenders playing the \"long-game,\" the need for meaningful culture-change among security leaders, the expansion of zero-trust beyond identities and devices, and some thoughts on the future of electronic voting.","date_published":"2021-05-26T16:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/97a0eeb7-c6f6-4757-9cf5-bbd21380223f.mp3","mime_type":"audio/mpeg","size_in_bytes":32532700,"duration_in_seconds":2327}]},{"id":"5ca053c8-a041-4288-add6-49c3c7f84bbd","title":"Collin Greene, head of product security, Facebook","url":"https://securityconversations.fireside.fm/collin-greene-facebook-product-security","content_text":"Facebook product security leader Collin Greene joins the show to discuss philosophies around securing code at scale, the pros and cons of relying on bug-bounty programs, the humbling lessons from being on the wrong side of a 
malicious hack, and why \"shift-left\" should be the priority for every defender.Links:Six Buckets of Product SecurityOutcomes \u0026gt; Bugs","content_html":"\u003cp\u003eFacebook product security leader Collin Greene joins the show to discuss philosophies around securing code at scale, the pros and cons of relying on bug-bounty programs, the humbling lessons from being on the wrong side of a malicious hack, and why \u0026quot;shift-left\u0026quot; should be the priority for every defender.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Six Buckets of Product Security\" rel=\"nofollow\" href=\"http://collingreene.com/6_buckets_of_prodsec.html\"\u003eSix Buckets of Product Security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Outcomes \u0026gt; Bugs\" rel=\"nofollow\" href=\"http://collingreene.com/outcomes_over_bugs.html\"\u003eOutcomes \u0026gt; Bugs\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Facebook product security leader Collin Greene joins the show to discuss philosophies around securing code at scale, the pros and cons of relying on bug-bounty programs, the humbling lessons from being on the wrong side of a malicious hack, and why \"shift-left\" should be the priority for every defender.","date_published":"2021-05-25T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/5ca053c8-a041-4288-add6-49c3c7f84bbd.mp3","mime_type":"audio/mpeg","size_in_bytes":55918822,"duration_in_seconds":3692}]},{"id":"b93843f4-0c2b-4482-b8aa-c39e2fb7c02a","title":"Alex Matrosov on the state of security at the firmware layer","url":"https://securityconversations.fireside.fm/alex-matrosov-firmware-security","content_text":"Former head of offensive security research at NVIDIA Alex Matrosov joins the show to talk about the state of security at the firmware layer, the need for specialized reverse engineering skills, the limits of bug-bounty programs 
for hardware research, and the future of advanced malware analysis.Links:Alex Matrosov on LinkedInModern Bootkit Trends: Bypassing Kernel-Mode Signing PolicyBootkit threats: In-depth reverse engineering \u0026amp; defense","content_html":"\u003cp\u003eFormer head of offensive security research at NVIDIA Alex Matrosov joins the show to talk about the state of security at the firmware layer, the need for specialized reverse engineering skills, the limits of bug-bounty programs for hardware research, and the future of advanced malware analysis.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Alex Matrosov on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/matrosov/\"\u003eAlex Matrosov on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Modern Bootkit Trends: Bypassing Kernel-Mode Signing Policy\" rel=\"nofollow\" href=\"https://www.slideshare.net/matrosov/modern-bootkit-trends-bypassing-kernelmode-signing-policy\"\u003eModern Bootkit Trends: Bypassing Kernel-Mode Signing Policy\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bootkit threats: In-depth reverse engineering \u0026amp; defense\" rel=\"nofollow\" href=\"https://www.slideshare.net/matrosov/bootkit-threats-indepth-reverse-engineering-defense\"\u003eBootkit threats: In-depth reverse engineering \u0026amp; defense\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Former head of offensive security research at NVIDIA Alex Matrosov joins the show to talk about the state of security at the firmware layer, the need for specialized reverse engineering skills, the limits of bug-bounty programs for hardware research, and the future of advanced malware 
analysis.","date_published":"2021-05-23T11:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/b93843f4-0c2b-4482-b8aa-c39e2fb7c02a.mp3","mime_type":"audio/mpeg","size_in_bytes":44900087,"duration_in_seconds":3512}]},{"id":"17902758-1dc9-4e4c-83cc-bbc3f9271eb4","title":"Charles Nwatu, Security Technology \u0026 Risk, Netflix","url":"https://securityconversations.fireside.fm/charles-nwatu-netflix","content_text":"Charles Nwatu is an engineering manager in Netflix's Security, Technology Assurance \u0026amp; Risk organization. He joins Ryan on the show to talk about a career pivot from U.S. gov service into cybersecurity in Silicon Valley, the exciting parts of compliance and risk management, and why newcomers should consider jobs in SOCs to kickstart security careers.Links:Charles Nwatu on LinkedIn — Corporate Security \u0026amp; Security, Technology Assurance \u0026amp; Risk, NetflixHow Netflix’s Charles Nwatu Turned His Desire to Help People Into a Career in Information Security","content_html":"\u003cp\u003eCharles Nwatu is an engineering manager in Netflix\u0026#39;s Security, Technology Assurance \u0026amp; Risk organization. He joins Ryan on the show to talk about a career pivot from U.S. 
gov service into cybersecurity in Silicon Valley, the exciting parts of compliance and risk management, and why newcomers should consider jobs in SOCs to kickstart security careers.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Charles Nwatu on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/cnwatu/\"\u003eCharles Nwatu on LinkedIn\u003c/a\u003e \u0026mdash; Corporate Security \u0026 Security, Technology Assurance \u0026 Risk, Netflix\u003c/li\u003e\u003cli\u003e\u003ca title=\"How Netflix’s Charles Nwatu Turned His Desire to Help People Into a Career in Information Security\" rel=\"nofollow\" href=\"https://peopleofcolorintech.com/interview/how-netflixs-charles-nwatu-turned-his-desire-to-help-people-into-a-career-in-information-security/\"\u003eHow Netflix’s Charles Nwatu Turned His Desire to Help People Into a Career in Information Security\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Charles Nwatu is an engineering manager in Netflix's Security, Technology Assurance \u0026 Risk organization. He joins Ryan on the show to talk about a career pivot from U.S. 
gov service into cybersecurity in Silicon Valley, the exciting parts of compliance and risk management, and why newcomers should consider jobs in SOCs to kickstart security careers.","date_published":"2021-05-11T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/17902758-1dc9-4e4c-83cc-bbc3f9271eb4.mp3","mime_type":"audio/mpeg","size_in_bytes":27630724,"duration_in_seconds":1825}]},{"id":"3e7cdf29-565f-4a2b-bac6-de85ff8e7c2a","title":"Doug Madory on the mysterious AS8003 global routing story","url":"https://securityconversations.fireside.fm/doug-madory-mystery-as8003","content_text":"Director of Internet Analysis at Kentik, Doug Madory, joins the podcast to shed light on the mysterious appearance of unused IPv4 space belonging to the US Department of Defense: the strange connection to a Florida company now managing the world's largest honeypot; the odd Inauguration Day timing of this discovery; and why enterprise network defenders should pay very close attention.Links:The Mystery of AS8003 — On January 20, 2021, a great mystery appeared in the internet’s global routing table. An entity that hadn’t been heard from in over a decade began announcing large swaths of formerly unused IPv4 address space belonging to the U.S. Department of Defense. Pentagon explains odd transfer of 175 million IP addresses to obscure company | Ars Technica — \"Did someone at the Defense Department sell off part of the military's vast collection of sought-after IP addresses as Trump left office? 
Had the Pentagon finally acted on demands to unload the billions of dollars worth of IP address space the military has been sitting on, largely unused, for decades?\"AS8003 GRS-DOD","content_html":"\u003cp\u003eDirector of Internet Analysis at Kentik, Doug Madory, joins the podcast to shed light on the mysterious appearance of unused IPv4 space belonging to the US Department of Defense: the strange connection to a Florida company now managing the world\u0026#39;s largest honeypot; the odd Inauguration Day timing of this discovery; and why enterprise network defenders should pay very close attention.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"The Mystery of AS8003\" rel=\"nofollow\" href=\"https://www.kentik.com/blog/the-mystery-of-as8003/\"\u003eThe Mystery of AS8003\u003c/a\u003e \u0026mdash; On January 20, 2021, a great mystery appeared in the internet’s global routing table. An entity that hadn’t been heard from in over a decade began announcing large swaths of formerly unused IPv4 address space belonging to the U.S. Department of Defense. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Pentagon explains odd transfer of 175 million IP addresses to obscure company | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2021/04/pentagon-explains-odd-transfer-of-175-million-ip-addresses-to-obscure-company/\"\u003ePentagon explains odd transfer of 175 million IP addresses to obscure company | Ars Technica\u003c/a\u003e \u0026mdash; \"Did someone at the Defense Department sell off part of the military's vast collection of sought-after IP addresses as Trump left office? 
Had the Pentagon finally acted on demands to unload the billions of dollars worth of IP address space the military has been sitting on, largely unused, for decades?\"\u003c/li\u003e\u003cli\u003e\u003ca title=\"AS8003 GRS-DOD\" rel=\"nofollow\" href=\"https://bgp.he.net/AS8003#_whois\"\u003eAS8003 GRS-DOD\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Director of Internet Analysis at Kentik, Doug Madory, joins the podcast to shed light on the mysterious appearance of unused IPv4 space belonging to the US Department of Defense: the strange connection to a Florida company now managing the world's largest honeypot; the odd Inauguration Day timing of this discovery; and why enterprise network defenders should pay very close attention.","date_published":"2021-04-29T08:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/3e7cdf29-565f-4a2b-bac6-de85ff8e7c2a.mp3","mime_type":"audio/mpeg","size_in_bytes":22227722,"duration_in_seconds":1760}]},{"id":"36c84816-ee62-408e-a68d-a928e4fb720c","title":"Crossbeam CISO Chris Castaldo on securing the start-up","url":"https://securityconversations.fireside.fm/chris-castaldo-ciso-crossbeam","content_text":"Sponsored by Eclypsium\n\nChris Castaldo has a fascinating career in cybersecurity. A U.S. army veteran who dabbled in tech during the early 2000s dot-com boom before settling on security, Castaldo is now CISO at Crossbeam and a decision-maker with a bird's eye view into how the should be protected. \n\nCastaldo joins Ryan on the show to talk about his new book on securing the startup, why he's the rare CISO that loves security vendor briefings and demos, and his vision of the CISO's top priorities.","content_html":"\u003cp\u003e\u003ca href=\"https://eclypsium.com\" rel=\"nofollow\"\u003eSponsored by Eclypsium\u003c/a\u003e\u003c/p\u003e\n\n\u003cp\u003eChris Castaldo has a fascinating career in cybersecurity. A U.S. 
army veteran who dabbled in tech during the early 2000s dot-com boom before settling on security, Castaldo is now CISO at Crossbeam and a decision-maker with a bird\u0026#39;s eye view into how the should be protected. \u003c/p\u003e\n\n\u003cp\u003eCastaldo joins Ryan on the show to talk about his new book on securing the startup, why he\u0026#39;s the rare CISO that loves security vendor briefings and demos, and his vision of the CISO\u0026#39;s top priorities.\u003c/p\u003e","summary":"Chris Castaldo has a fascinating career in cybersecurity. A U.S. army veteran who dabbled in tech during the early 2000s dot-com boom before settling on security, Castaldo is now CISO at Crossbeam and a decision-maker with a bird's eye view into how the should be protected. \r\n\r\nCastaldo joins Ryan on the show to talk about his new book on securing the startup, why he's the rare CISO that loves security vendor briefings and demos, and his vision of the CISO's top priorities.","date_published":"2021-04-23T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/36c84816-ee62-408e-a68d-a928e4fb720c.mp3","mime_type":"audio/mpeg","size_in_bytes":28911630,"duration_in_seconds":1930}]},{"id":"8ca9fe4a-f12f-401f-80d8-f42f8c1e7504","title":"Shubs Shah on finding riches (and lessons) from bug bounty hacking","url":"https://securityconversations.fireside.fm/shuhbam-shah-assetnote","content_text":"Shubham Shah is a brilliant hacker who quit his pen-testing job to hack for cash in bug-bounty programs. He quickly mastered the game of automating pre-breach reconnaissance and zeroing in on common webapp programming and configuration errors. 
Shubs, now co-founder at Assetnote, joined Ryan on the show to talk about the stressful life of a full-time bug-bounty hunter, advancements in web app security defense, and how automation is completely rewriting the bug-discovery business.Links:AssetnoteShubs Shah: Hacking on Bug Bounties for Four YearsHigh frequency security: 120 days, 120 bugsh2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)H2C Smuggling in the Wild","content_html":"\u003cp\u003eShubham Shah is a brilliant hacker who quit his pen-testing job to hack for cash in bug-bounty programs. He quickly mastered the game of automating pre-breach reconnaissance and zeroing in on common webapp programming and configuration errors. Shubs, now co-founder at Assetnote, joined Ryan on the show to talk about the stressful life of a full-time bug-bounty hunter, advancements in web app security defense, and how automation is completely rewriting the bug-discovery business.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Assetnote\" rel=\"nofollow\" href=\"https://assetnote.io\"\u003eAssetnote\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Shubs Shah: Hacking on Bug Bounties for Four Years\" rel=\"nofollow\" href=\"https://blog.assetnote.io/2020/09/15/hacking-on-bug-bounties-for-four-years/\"\u003eShubs Shah: Hacking on Bug Bounties for Four Years\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"High frequency security: 120 days, 120 bugs\" rel=\"nofollow\" href=\"https://shubs.io/high-frequency-security-bug-hunting-120-days-120-bugs/\"\u003eHigh frequency security: 120 days, 120 bugs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)\" rel=\"nofollow\" href=\"https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c\"\u003eh2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca 
title=\"H2C Smuggling in the Wild\" rel=\"nofollow\" href=\"https://blog.assetnote.io/2021/03/18/h2c-smuggling/\"\u003eH2C Smuggling in the Wild\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":" Shubham Shah is a brilliant hacker who quit his pen-testing job to hack for cash in bug-bounty programs. He quickly mastered the game of automating pre-breach reconnaissance and zeroing in on common webapp programming and configuration errors. Shubs, now co-founder at Assetnote, joined Ryan on the show to talk about the stressful life of a full-time bug-bounty hunter, advancements in web app security defense, and how automation is completely rewriting the bug-discovery business.","date_published":"2021-04-20T11:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/8ca9fe4a-f12f-401f-80d8-f42f8c1e7504.mp3","mime_type":"audio/mpeg","size_in_bytes":38562676,"duration_in_seconds":3169}]},{"id":"e3d22755-cc83-43aa-b67d-8003ad468a6b","title":"Fahmida Rashid, Executive Editor, VentureBeat","url":"https://securityconversations.fireside.fm/fahmida-rashid-venturebeat","content_text":"Newly appointed Executive Editor at VentureBeat Fahmida Rashid joins the show to talk about her introduction to computer networking in school, her winding path into cybersecurity journalism, the security stories worth telling, the venture capital ecosystem, and the surge in unicorn cybersecurity startups.Links:Follow Fahmida on TwitterFahmida Rashid on LinkedIn","content_html":"\u003cp\u003eNewly appointed Executive Editor at VentureBeat Fahmida Rashid joins the show to talk about her introduction to computer networking in school, her winding path into cybersecurity journalism, the security stories worth telling, the venture capital ecosystem, and the surge in unicorn cybersecurity startups.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Follow Fahmida on Twitter\" rel=\"nofollow\" 
href=\"https://twitter.com/FYRashid\"\u003eFollow Fahmida on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fahmida Rashid on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/fyrashid/\"\u003eFahmida Rashid on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Newly appointed Executive Editor at VentureBeat Fahmida Rashid joins the show to talk about her introduction to computer networking in school, her winding path into cybersecurity journalism, the security stories worth telling, the venture capital ecosystem, and the surge in unicorn cybersecurity startups.","date_published":"2021-04-09T10:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/e3d22755-cc83-43aa-b67d-8003ad468a6b.mp3","mime_type":"audio/mpeg","size_in_bytes":31693302,"duration_in_seconds":2222}]},{"id":"9589ad97-fc83-458f-8781-44ce8eb8bbf3","title":"Microsoft's David Weston on the surge in firmware attacks","url":"https://securityconversations.fireside.fm/david-weston-microsoft-windows","content_text":"Microsoft's David Weston joins Ryan on the show to discuss a new report that shows 83% of organizations have been hit by a firmware attack in the last two years. \n\nAs businesses continue to under-invest in resources to prevent firmware attacks, Weston warns about the inevitability of advanced attacks at the 'invisible' layer, the absence of skills and tools to find malicious activity in firmware, the nightmare of navigating the patching treadmill, and exciting tech innovation in the space.","content_html":"\u003cp\u003eMicrosoft\u0026#39;s David Weston joins Ryan on the show to discuss a new report that shows 83% of organizations have been hit by a firmware attack in the last two years. 
\u003c/p\u003e\n\n\u003cp\u003eAs businesses continue to under-invest in resources to prevent firmware attacks, Weston warns about the inevitability of advanced attacks at the \u0026#39;invisible\u0026#39; layer, the absence of skills and tools to find malicious activity in firmware, the nightmare of navigating the patching treadmill, and exciting tech innovation in the space.\u003c/p\u003e","summary":"Microsoft's David Weston joins Ryan on the show to discuss a new report that shows 83% of organizations have been hit by a firmware attack in the last two years. \r\n\r\nAs businesses continue to under-invest in resources to prevent firmware attacks, Weston warns about the inevitability of advanced attacks at the 'invisible' layer, the absence of skills and tools to find malicious activity in firmware, the nightmare of navigating the patching treadmill, and exciting tech innovation in the space.","date_published":"2021-04-06T11:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/9589ad97-fc83-458f-8781-44ce8eb8bbf3.mp3","mime_type":"audio/mpeg","size_in_bytes":35474013,"duration_in_seconds":1986}]},{"id":"ccdec073-caf0-49bc-80f3-42edab3a1c04","title":"Lena Smart, CISO, MongoDB","url":"https://securityconversations.fireside.fm/lena-smart-ciso-mongodb","content_text":"At age 16, Lena Smart finished high school and went into the workforce. At the time, a university degree and advanced education were not available to her in a single-parent household in Scotland. 
Today, she is CISO of MongoDB, a $16 billion company with thousands of employees around the world and she is a leading voice on education and talent-identification in cybersecurity.\n\nLena joins Ryan on the show to tell stories from her childhood, the decisions that carved a path for a successful career in security, the anguish of imposter syndrome, the joys of building a modern security program, and impressive tech innovation moving the security needle.","content_html":"\u003cp\u003eAt age 16, Lena Smart finished high school and went into the workforce. At the time, a university degree and advanced education were not available to her in a single-parent household in Scotland. Today, she is CISO of MongoDB, a $16 billion company with thousands of employees around the world and she is a leading voice on education and talent-identification in cybersecurity.\u003c/p\u003e\n\n\u003cp\u003eLena joins Ryan on the show to tell stories from her childhood, the decisions that carved a path for a successful career in security, the anguish of imposter syndrome, the joys of building a modern security program, and impressive tech innovation moving the security needle.\u003c/p\u003e","summary":"At age 16, Lena Smart finished high school and went into the workforce. At the time, a university degree and advanced education were not available to her in a single-parent household in Scotland. 
Today, she is CISO of MongoDB, a $16 billion company with thousands of employees around the world and is leading the discussion on education and talent-identification in cybersecurity.\r\n\r\nLena joins Ryan on the show to tell stories from her childhood, the decisions that carved a path for a successful career in security, the anguish of imposter syndrome, the joys of building a modern security program, and impressive tech innovation moving the security needle.","date_published":"2021-04-02T04:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/ccdec073-caf0-49bc-80f3-42edab3a1c04.mp3","mime_type":"audio/mpeg","size_in_bytes":44804932,"duration_in_seconds":3261}]},{"id":"02fc5a7f-d41b-434f-a25d-5f6c0a046dbc","title":"Patrick Howell O'Neill, Cybersecurity Editor, MIT Technology Review","url":"https://securityconversations.fireside.fm/patrick-howell-oneill-mit-tech-review","content_text":"Patrick Howell O’Neill is the cybersecurity senior editor for MIT Technology Review. In this out-of-band episode of the show, Patrick joins Ryan to discuss his latest scoop on Google Project Zero's visibility into malware used in a Western .gov counter-terrorism operation, the tricky nature of attributing nation-state backed attacks, Apple's iOS becoming a hot target and the controversies surrounding all of these conversations. Follow Patrick on Twitter.","content_html":"\u003cp\u003ePatrick Howell O’Neill is the cybersecurity senior editor for MIT Technology Review. 
In this out-of-band episode of the show, Patrick joins Ryan to discuss \u003ca href=\"https://securityconversations.com/on-disrupting-gov-malware-attacks/\" rel=\"nofollow\"\u003ehis latest scoop\u003c/a\u003e on Google Project Zero\u0026#39;s visibility into malware used in a Western .gov counter-terrorism operation, the tricky nature of attributing nation-state backed attacks, Apple\u0026#39;s iOS becoming a hot target and the controversies surrounding all of these conversations. \u003ca href=\"https://twitter.com/howelloneill\" rel=\"nofollow\"\u003eFollow Patrick on Twitter\u003c/a\u003e.\u003c/p\u003e","summary":" \r\nPatrick Howell O’Neill is the cybersecurity senior editor for MIT Technology Review. In this out-of-band episode of the show, Patrick joins Ryan to discuss his latest scoop on Google Project Zero's visibility into malware used in a Western .gov counter-terrorism operation, the tricky nature of attributing nation-state backed attacks, Apple's iOS becoming a hot target and the controversies surrounding all of these conversations. [Follow Patrick on Twitter](https://twitter.com/howelloneill).","date_published":"2021-03-30T01:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/02fc5a7f-d41b-434f-a25d-5f6c0a046dbc.mp3","mime_type":"audio/mpeg","size_in_bytes":24838523,"duration_in_seconds":1552}]},{"id":"85a47563-94ed-43f9-964c-fed6c6e20eff","title":"Nico Waisman, Head of Privacy \u0026 Security, Lyft","url":"https://securityconversations.fireside.fm/nico-waisman-lyft","content_text":"After a 20-year career working in the offensive security research trenches, security industry pioneer Nico Waisman made the transition to defense to head up privacy and security efforts at ride-sharing firm Lyft. 
Waisman joins Ryan Naraine on the show to talk about early hacking in Argentina, the contributions of non-Americans to the security industry, and much much more...","content_html":"\u003cp\u003eAfter a 20-year career working in the offensive security research trenches, security industry pioneer Nico Waisman made the transition to defense to head up privacy and security efforts at ride-sharing firm Lyft. Waisman joins Ryan Naraine on the show to talk about early hacking in Argentina, the contributions of non-Americans to the security industry, and much much more...\u003c/p\u003e","summary":"After a 20-year career working in the offensive security research trenches, security industry pioneer Nico Waisman made the transition to defense to head up privacy and security efforts at ride-sharing firm Lyft. Waisman joins Ryan Naraine on the show to talk about early hacking in Argentina, the contributions of non-Americans to the security industry, and much much more...","date_published":"2021-03-26T12:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/85a47563-94ed-43f9-964c-fed6c6e20eff.mp3","mime_type":"audio/mpeg","size_in_bytes":42763209,"duration_in_seconds":3378}]},{"id":"68388f69-fd95-4df0-9083-00587ea8f41c","title":"Ron Brash on the water plant hacks and the state of ICS security","url":"https://securityconversations.fireside.fm/ron-brash-verve-industrial-protection","content_text":"Ron Brash joins Ryan Naraine on the show to talk about the recent water supply hack, the state of security in ICS/SCADA installations, the checklist of affordable things for critical infrastructure defenders, and the things we should worry -- and not worry -- about. \n\nRon is Director of Cyber Security Insights at Verve Industrial Protection, a critical infrastructure-focused organisation that sells services and products that work across IT and OT environments for effective cyber security, controls and management. 
","content_html":"\u003cp\u003eRon Brash joins Ryan Naraine on the show to talk about the recent water supply hack, the state of security in ICS/SCADA installations, the checklist of affordable things for critical infrastructure defenders, and the things we should worry -- and not worry -- about. \u003c/p\u003e\n\n\u003cp\u003eRon is Director of Cyber Security Insights at Verve Industrial Protection, a critical infrastructure-focused organisation that sells services and products that work across IT and OT environments for effective cyber security, controls and management. \u003c/p\u003e","summary":" Ron Brash joins Ryan on the show to talk about the recent water supply hack, the state of security in ICS/SCADA installations, the checklist of affordable things for critical infrastructure defenders, and the things we should worry -- and not worry -- about. Ron is Director of Cyber Security Insights at Verve Industrial Protection, a critical infrastructure-focused organisation that sells services and products that work across IT and OT environments for effective cyber security, controls and management. ","date_published":"2021-03-11T13:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/68388f69-fd95-4df0-9083-00587ea8f41c.mp3","mime_type":"audio/mpeg","size_in_bytes":45472533,"duration_in_seconds":3006}]},{"id":"6cc88aa8-eacc-4bb0-a992-c0172b5915ea","title":"Throwback: Zero-day exploit broker Chaouki Bekrar","url":"https://securityconversations.fireside.fm/chaouki-bekrar","content_text":"This is the republication of an interview first conducted in March 2013 with then-VUPEN chief executive Chaouki Bekrar. The audio file was lost in several podcast platform transfers and I'm glad to be able to retain this interview for historical purposes. 
\n\nThe recording was conducted in the hallways of the CanSecWest Pwn2Own hacking contest in 2013 where Bekrar's team of hackers demo'd a zero-day attack against Microsoft Internet Explorer 10 on Windows 8, an exploit that bypassed all mitigations including the browser sandbox. We chat about the controversies surrounding the sale of zero-day vulnerabilities and exploits, his company’s business dealings and the work that goes into winning the CanSecWest Pwn2Own hacker contest. \n\n(Please excuse the audio quality and background chatter, this was recorded with a small handheld device in a noisy room).","content_html":"\u003cp\u003eThis is the republication of an interview first conducted in March 2013 with then-VUPEN chief executive Chaouki Bekrar. The audio file was lost in several podcast platform transfers and I\u0026#39;m glad to be able to retain this interview for historical purposes. \u003c/p\u003e\n\n\u003cp\u003eThe recording was conducted in the hallways of the CanSecWest Pwn2Own hacking contest in 2013 where Bekrar\u0026#39;s team of hackers demo\u0026#39;d a zero-day attack against Microsoft Internet Explorer 10 on Windows 8, an exploit that bypassed all mitigations including the browser sandbox. We chat about the controversies surrounding the sale of zero-day vulnerabilities and exploits, his company’s business dealings and the work that goes into winning the CanSecWest Pwn2Own hacker contest. \u003c/p\u003e\n\n\u003cp\u003e(Please excuse the audio quality and background chatter, this was recorded with a small handheld device in a noisy room).\u003c/p\u003e","summary":"This is the republication of an interview first conducted in March 2013 with then-VUPEN chief executive Chaouki Bekrar. The audio file was lost in several podcast platform transfers and I'm glad to be able to retain this interview for historical purposes. 
\r\n\r\nThe recording was conducted in the hallways of the CanSecWest Pwn2Own hacking contest in 2013 where Bekrar's team of hackers demo'd a zero-day attack against Microsoft Internet Explorer 10 on Windows 8, an exploit that bypassed all mitigations including the browser sandbox. We chat about the controversies surrounding the sale of zero-day vulnerabilities and exploits, his company’s business dealings and the work that goes into winning the CanSecWest Pwn2Own hacker contest. \r\n\r\nPlease excuse the audio quality and background noise.","date_published":"2021-03-03T01:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/6cc88aa8-eacc-4bb0-a992-c0172b5915ea.mp3","mime_type":"audio/mpeg","size_in_bytes":21298595,"duration_in_seconds":1482}]},{"id":"9a9c9bf0-2463-42f6-9e4c-823c9a7763d8","title":"Selena Larson, Intelligence Analyst, Dragos","url":"https://securityconversations.fireside.fm/selena-larson-dragos","content_text":"Journalist-turned-intel analyst Selena Larson joins the podcast to discuss the nuances of cybersecurity journalism, making the shift to analyzing intelligence and writing for a private audience, the ransomware epidemic, and the state of critical infrastructure security.Links:Selena Larson PresentationsFollow Selena on TwitterSelena Larson on Bringing New \u0026amp; Diverse People into the ICS Security CommunityICS OSINT: An Attacker’s PerspectiveSelena Larson profile","content_html":"\u003cp\u003eJournalist-turned-intel analyst Selena Larson joins the podcast to discuss the nuances of cybersecurity journalism, making the shift to analyzing intelligence and writing for a private audience, the ransomware epidemic, and the state of critical infrastructure security.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Selena Larson Presentations\" rel=\"nofollow\" href=\"https://www.selenalarson.com/presentations\"\u003eSelena Larson 
Presentations\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Selena on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/selenalarson\"\u003eFollow Selena on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Selena Larson on Bringing New \u0026amp; Diverse People into the ICS Security Community\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=WzfMsApgIl8\u0026amp;ab_channel=S4Events\"\u003eSelena Larson on Bringing New \u0026amp; Diverse People into the ICS Security Community\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ICS OSINT: An Attacker’s Perspective\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=fW7AkbG-q-A\u0026amp;ab_channel=RSAConference\"\u003eICS OSINT: An Attacker’s Perspective\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Selena Larson profile\" rel=\"nofollow\" href=\"https://www.dragos.com/team/selena-larson/\"\u003eSelena Larson profile\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Journalist-turned-intel analyst Selena Larson joins the podcast to discuss the nuances of cybersecurity journalism, making the shift to analyzing intelligence and writing for a private audience, the ransomware epidemic, and the state of critical infrastructure security.","date_published":"2020-09-16T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/9a9c9bf0-2463-42f6-9e4c-823c9a7763d8.mp3","mime_type":"audio/mpeg","size_in_bytes":37771153,"duration_in_seconds":3137}]},{"id":"d20c248c-131d-4e66-8790-6d0a146e7fa8","title":"Fredrick Lee, Chief Security Officer, Gusto","url":"https://securityconversations.fireside.fm/frederick-lee-gusto","content_text":"Gusto chief security officer Fredrick 'Flee' Lee talks about his passion for democratizing security, solving problems for small businesses, the responsibilities of being a black security leader, and the people and experiences that influenced him along the 
way.Links:Gusto Appoints Fredrick Lee Chief Security OfficerSecret CSO: Fredrick \"Flee\" Lee, GustoCISO to CISO Webcast with Fredrick \"Flee\" Lee","content_html":"\u003cp\u003eGusto chief security officer Fredrick \u0026#39;Flee\u0026#39; Lee talks about his passion for democratizing security, solving problems for small businesses, the responsibilities of being a black security leader, and the people and experiences that influenced him along the way.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Gusto Appoints Fredrick Lee Chief Security Officer\" rel=\"nofollow\" href=\"https://www.businesswire.com/news/home/20190305005014/en/Gusto-Appoints-Fredrick-Lee-Chief-Security-Officer\"\u003eGusto Appoints Fredrick Lee Chief Security Officer\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Secret CSO: Fredrick \u0026quot;Flee\u0026quot; Lee, Gusto\" rel=\"nofollow\" href=\"https://www.idgconnect.com/interviews/1504751/secret-cso-fredrick-flee-lee-gusto\"\u003eSecret CSO: Fredrick \u0026quot;Flee\u0026quot; Lee, Gusto\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CISO to CISO Webcast with Fredrick \u0026quot;Flee\u0026quot; Lee\" rel=\"nofollow\" href=\"https://blog.altitudenetworks.com/ciso-to-ciso-live-webcast-with-fredrick-lee-cso-of-gusto/\"\u003eCISO to CISO Webcast with Fredrick \u0026quot;Flee\u0026quot; Lee\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Gusto chief security officer Fredrick 'Flee' Lee talks about his passion for democratizing security, solving problems for small businesses, the responsibilities of being a black security leader, and the people and experiences that influenced him along the 
way.","date_published":"2020-09-10T16:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/d20c248c-131d-4e66-8790-6d0a146e7fa8.mp3","mime_type":"audio/mpeg","size_in_bytes":27307999,"duration_in_seconds":2497}]},{"id":"cb83913c-2556-48c1-aff3-aa2f7b7db8c8","title":"Zack Whittaker, Security Editor, TechCrunch","url":"https://securityconversations.fireside.fm/zack-whittaker-techcrunch","content_text":"TechCrunch security writer Zack Whittaker stumbled into journalism while in college and has carved a successful career covering cybersecurity the last decade. He joins the podcast to talk about landing at ZDNet out of university and some lucky breaks along the way. Zack also talks about the trials of living and working with Tourette syndrome. ","content_html":"\u003cp\u003eTechCrunch security writer Zack Whittaker stumbled into journalism while in college and has carved a successful career covering cybersecurity the last decade. He joins the podcast to talk about landing at ZDNet out of university and some lucky breaks along the way. Zack also talks about the trials of living and working with Tourette syndrome. \u003c/p\u003e","summary":"TechCrunch security writer Zack Whittaker stumbled into journalism while in college and has carved a successful career covering cybersecurity the last decade. He joins the podcast to talk about landing at ZDNet out of university and some lucky breaks along the way. 
Zack also talks about the trials of living and working with Tourette syndrome.","date_published":"2020-09-01T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/cb83913c-2556-48c1-aff3-aa2f7b7db8c8.mp3","mime_type":"audio/mpeg","size_in_bytes":19170998,"duration_in_seconds":1545}]},{"id":"c238448d-c5c4-411a-b256-d6afae1ec31b","title":"Jason Chan, VP, Information Security, Netflix","url":"https://securityconversations.fireside.fm/jason-chan-netflix","content_text":"Netflix security leader Jason Chan talks about the connections between ultra-marathons and running a robust security program, his view of the defender's top priorities, the talent shortage in cybersecurity, and the shifting patterns that drive secure code delivery.Links:Jason's ultra-marathon photosKeynote: Keeping Developers and Security Teams HappyDeveloper Empathy with Jason Chan of Netflix (Podcast)Hacktivity 2014: Jason Chan -- Building a Glass HouseI Want Your Job: Jason Chan, Netflix","content_html":"\u003cp\u003eNetflix security leader Jason Chan talks about the connections between ultra-marathons and running a robust security program, his view of the defender\u0026#39;s top priorities, the talent shortage in cybersecurity, and the shifting patterns that drive secure code delivery.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Jason\u0026#39;s ultra-marathon photos\" rel=\"nofollow\" href=\"https://run200photos.com/jason/hB7475CBB#hb7475cbb\"\u003eJason\u0026#39;s ultra-marathon photos\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Keynote: Keeping Developers and Security Teams Happy\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=WGkAf4x94rQ\"\u003eKeynote: Keeping Developers and Security Teams Happy\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Developer Empathy with Jason Chan of Netflix (Podcast)\" rel=\"nofollow\" 
href=\"https://www.heavybit.com/library/podcasts/the-secure-developer/ep-28-developer-empathy-with-jason-chan-of-netflix/\"\u003eDeveloper Empathy with Jason Chan of Netflix (Podcast)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Hacktivity 2014: Jason Chan -- Building a Glass House\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=wH-8610xh6s\"\u003eHacktivity 2014: Jason Chan -- Building a Glass House\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"I Want Your Job: Jason Chan, Netflix\" rel=\"nofollow\" href=\"https://today.cofc.edu/2019/04/03/jason-chan-vice-president-of-information-security-netflix/\"\u003eI Want Your Job: Jason Chan, Netflix\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Netflix security leader Jason Chan talks about the connections between ultra-marathons and running a robust security program, his view of the defender's top priorities, the talent shortage in cybersecurity, and the shifting patterns that drive secure code delivery.","date_published":"2020-08-18T16:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/c238448d-c5c4-411a-b256-d6afae1ec31b.mp3","mime_type":"audio/mpeg","size_in_bytes":22390072,"duration_in_seconds":1864}]},{"id":"6430e0f1-7e1a-4003-853b-8f19d9a34d6b","title":"Matt Honea, Senior Director, Cybersecurity, Guidewire","url":"https://securityconversations.fireside.fm/matt-honea-guidewire","content_text":"After a career in government that included physical security work for the U.S. State Department, Matt Honea transitioned to Silicon Valley and turned his attention to the cyber-insurance space. He joins the podcast for a frank discussion on cyber-insurance, ransomware payments and trends, and his opinions on innovation in security.Links:Matt Honea blog postsSafe Harbor Programs: Ensuring the Bounty Isn't on ...","content_html":"\u003cp\u003eAfter a career in government that included physical security work for the U.S. 
State Department, Matt Honea transitioned to Silicon Valley and turned his attention to the cyber-insurance space. He joins the podcast for a frank discussion on cyber-insurance, ransomware payments and trends, and his opinions on innovation in security.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Matt Honea blog posts\" rel=\"nofollow\" href=\"https://www.guidewire.com/our-bloggers/matthew-honea\"\u003eMatt Honea blog posts\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Safe Harbor Programs: Ensuring the Bounty Isn\u0026#39;t on ...\" rel=\"nofollow\" href=\"https://www.darkreading.com/application-security/safe-harbor-programs-ensuring-the-bounty-isnt-on-white-hat-hackers-heads/a/d-id/1334339?\"\u003eSafe Harbor Programs: Ensuring the Bounty Isn\u0026#39;t on ...\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"After a career in government that included physical security work for the U.S. State Department, Matt Honea transitioned to Silicon Valley and turned his attention to the cyber-insurance space. 
He joins the podcast for a frank discussion on cyber-insurance, ransomware payments and trends, and his opinions on innovation in security.","date_published":"2020-08-11T12:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/6430e0f1-7e1a-4003-853b-8f19d9a34d6b.mp3","mime_type":"audio/mpeg","size_in_bytes":30677958,"duration_in_seconds":2796}]},{"id":"1a7b0cc6-4405-4f53-81c3-653964fd377d","title":"Andy Greenberg, Senior Writer, Wired","url":"https://securityconversations.fireside.fm/andy-greenberg-wired","content_text":"Cybersecurity journalist and author Andy Greenberg joins the podcast to talk about his career as a journalist, the ins-and-outs of negotiating a big story with sources, the intricacies of writing a good book, and some of his biggest stories to date.Links:Follow Andy Greenberg on TwitterAndy Greenberg's Wired bioSandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers","content_html":"\u003cp\u003eCybersecurity journalist and author Andy Greenberg joins the podcast to talk about his career as a journalist, the ins-and-outs of negotiating a big story with sources, the intricacies of writing a good book, and some of his biggest stories to date.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Follow Andy Greenberg on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/a_greenberg\"\u003eFollow Andy Greenberg on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Andy Greenberg\u0026#39;s Wired bio\" rel=\"nofollow\" href=\"https://www.wired.com/author/andy-greenberg/\"\u003eAndy Greenberg\u0026#39;s Wired bio\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin\u0026#39;s Most Dangerous Hackers\" rel=\"nofollow\" 
href=\"https://www.amazon.com/Sandworm-Cyberwar-Kremlins-Dangerous-Hackers/dp/0385544405?ots=1\u0026amp;slotNum=0\u0026amp;imprToken=10b9ef54-bb0c-ca8b-8b2\u0026amp;tag=w050b-20\u0026amp;linkCode=w50\"\u003eSandworm: A New Era of Cyberwar and the Hunt for the Kremlin\u0026#39;s Most Dangerous Hackers\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Cybersecurity journalist and author Andy Greenberg joins the podcast to talk about his career as a journalist, the ins-and-outs of negotiating a big story with sources, the intricacies of writing a good book, and some of his biggest stories to date.","date_published":"2020-08-11T10:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1a7b0cc6-4405-4f53-81c3-653964fd377d.mp3","mime_type":"audio/mpeg","size_in_bytes":43116760,"duration_in_seconds":3587}]},{"id":"e2e90b4c-d2d7-4cf8-abb8-691432172793","title":"Brooke Pearson, Security Awareness, Uber","url":"https://securityconversations.fireside.fm/brooke-pearson-uber","content_text":"After a career in diplomacy at the U.S. State Department, Uber's Brooke Pearson headed to Silicon Valley to find a new path in cybersecurity. We chat about her early interest in Russia and international relations, a life-changing chance encounter during an airport layover, using non-traditional skills to find success in tech, and her passion for helping minorities find meaningful careers in security. ","content_html":"\u003cp\u003eAfter a career in diplomacy at the U.S. State Department, Uber\u0026#39;s Brooke Pearson headed to Silicon Valley to find a new path in cybersecurity. We chat about her early interest in Russia and international relations, a life-changing chance encounter during an airport layover, using non-traditional skills to find success in tech, and her passion for helping minorities find meaningful careers in security. \u003c/p\u003e","summary":"After a career in diplomacy at the U.S. 
State Department, Uber's Brooke Pearson headed to Silicon Valley to find a new path in cybersecurity. We chat about her early interest in Russia and international relations, a life-changing chance encounter during an airport layover, using non-traditional skills to find success in tech, and her passion for helping minorities find meaningful careers in security. ","date_published":"2020-06-17T21:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/e2e90b4c-d2d7-4cf8-abb8-691432172793.mp3","mime_type":"audio/mpeg","size_in_bytes":44092719,"duration_in_seconds":3671}]},{"id":"768dab87-a2a6-4fa9-9a41-b74bd83665a3","title":"Tim MalcomVetter, Red Team Lead, Walmart","url":"https://securityconversations.fireside.fm/tim-malcomvetter-walmart","content_text":"[ DISCLAIMER: These are the personal opinions of Tim MalcomVetter and do not construe an official endorsement or business relationship of his employer with any product or service. ]\n\nWalmart Red Team lead Tim MalcomVetter joins the podcast to talk about red-team/blue team dynamics, the adversarial relationship between the two sides, the mentality of a determined attacker, and why everyone in cybersecurity should give jiu-jitsu a try.Links:Tim's Articles on MediumFollow Tim MalcomVetter on TwitterLinkedIn Profile","content_html":"\u003cp\u003e\u003cem\u003e[ DISCLAIMER: These are the personal opinions of Tim MalcomVetter and do not construe an official endorsement or business relationship of his employer with any product or service. 
]\u003c/em\u003e\u003c/p\u003e\n\n\u003cp\u003eWalmart Red Team lead Tim MalcomVetter joins the podcast to talk about red-team/blue team dynamics, the adversarial relationship between the two sides, the mentality of a determined attacker, and why everyone in cybersecurity should give jiu-jitsu a try.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Tim\u0026#39;s Articles on Medium\" rel=\"nofollow\" href=\"https://medium.com/@malcomvetter\"\u003eTim\u0026#39;s Articles on Medium\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Tim MalcomVetter on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/malcomvetter\"\u003eFollow Tim MalcomVetter on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LinkedIn Profile\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/malcomvetter/\"\u003eLinkedIn Profile\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Tim joins the podcast to talk about red-team/blue team dynamics, the adversarial relationship between the two sides, the mentality of a determined attacker, and why everyone in cybersecurity should give jiu-jitsu a try.","date_published":"2020-05-04T18:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/768dab87-a2a6-4fa9-9a41-b74bd83665a3.mp3","mime_type":"audio/mpeg","size_in_bytes":43661751,"duration_in_seconds":3574}]},{"id":"9a77e22d-d2e8-4f91-a79b-f6edb4f69eaa","title":"Matt Suiche, Comae Technologies","url":"https://securityconversations.fireside.fm/matt-suiche-comae","content_text":"Hacker-turned-entrepreneur Matt Suiche reminisces about the hacking scene in France, his introduction to memory forensics and how his research led to presenting at Microsoft's Blue Hat, the grind of building and selling a company, and his passion for supporting young security researchers in developing countries. 
Links:OPCDE OnlineComae TechnologiesFollow Matt Suiche on Twitter","content_html":"\u003cp\u003eHacker-turned-entrepreneur Matt Suiche reminisces about the hacking scene in France, his introduction to memory forensics and how his research led to presenting at Microsoft\u0026#39;s Blue Hat, the grind of building and selling a company, and his passion for supporting young security researchers in developing countries. \u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"OPCDE Online\" rel=\"nofollow\" href=\"https://online.opcde.com\"\u003eOPCDE Online\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Comae Technologies\" rel=\"nofollow\" href=\"https://www.comae.com/\"\u003eComae Technologies\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Matt Suiche on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/msuiche\"\u003eFollow Matt Suiche on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Hacker-turned-entrepreneur Matt Suiche reminisces about the hacking scene in France, his introduction to memory forensics, building and selling a company, and his passion for spreading security research in developing countries.","date_published":"2020-04-17T06:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/9a77e22d-d2e8-4f91-a79b-f6edb4f69eaa.mp3","mime_type":"audio/mpeg","size_in_bytes":35719975,"duration_in_seconds":2556}]},{"id":"3ea2877d-d3a0-44e1-98b4-e9536f831b77","title":"Jaime Blasco, AT\u0026T Cybersecurity","url":"https://securityconversations.fireside.fm/jaime-blasco-att-cybersecurity","content_text":"AT\u0026amp;T Cybersecurity's Jaime Blasco talks about falling in love with security as a high-school student in Spain, finding a career path in pen-testing and offense, shifting to building defensive technologies and his current passion for exploring the value of machine learning. 
Links:AT\u0026amp;T AlienLabsFollow Jaime on TwitterOpen Threat Exchange (OTX)","content_html":"\u003cp\u003eAT\u0026amp;T Cybersecurity\u0026#39;s Jaime Blasco talks about falling in love with security as a high-school student in Spain, finding a career path in pen-testing and offense, shifting to building defensive technologies and his current passion for exploring the value of machine learning. \u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"AT\u0026amp;T AlienLabs\" rel=\"nofollow\" href=\"https://cybersecurity.att.com/alien-labs\"\u003eAT\u0026amp;T AlienLabs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Jaime on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/jaimeblascob\"\u003eFollow Jaime on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Open Threat Exchange (OTX)\" rel=\"nofollow\" href=\"https://cybersecurity.att.com/open-threat-exchange\"\u003eOpen Threat Exchange (OTX)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"AT\u0026T Cybersecurity's Jaime Blasco talks about falling in love with security as a high-school student in Spain, finding a career path in pen-testing and offense, shifting to building defensive technologies and his current passion for exploring the value of machine learning.","date_published":"2020-04-14T15:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/3ea2877d-d3a0-44e1-98b4-e9536f831b77.mp3","mime_type":"audio/mpeg","size_in_bytes":30063613,"duration_in_seconds":1867}]},{"id":"1762300e-32da-4a5b-b925-44680cc367e6","title":"Collin Mulliner, Security Engineer, Cruise","url":"https://securityconversations.fireside.fm/collin-mulliner-cruise","content_text":"Mobile security pioneer Collin Mulliner talks about the early days of hacking PalmOS devices, the current state of smartphone platforms, his work on securing self driving cars, and why he built and open-sourced a firmware 
analyzer tool. Links:Firmware Analyzer — FwAnalyzer is a tool to analyze (ext2/3/4), FAT/VFat, SquashFS, UBIFS filesystem images, cpio archives, and directory content using a set of configurable rules. Collin's blogPDF: Continuous Automated Firmware Security Analysis","content_html":"\u003cp\u003eMobile security pioneer Collin Mulliner talks about the early days of hacking PalmOS devices, the current state of smartphone platforms, his work on securing self driving cars, and why he built and open-sourced a firmware analyzer tool. \u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Firmware Analyzer\" rel=\"nofollow\" href=\"https://github.com/cruise-automation/fwanalyzer\"\u003eFirmware Analyzer\u003c/a\u003e \u0026mdash; FwAnalyzer is a tool to analyze (ext2/3/4), FAT/VFat, SquashFS, UBIFS filesystem images, cpio archives, and directory content using a set of configurable rules. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Collin\u0026#39;s blog\" rel=\"nofollow\" href=\"http://www.mulliner.org/blog/\"\u003eCollin\u0026#39;s blog\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"PDF: Continuous Automated Firmware Security Analysis\" rel=\"nofollow\" href=\"https://i.blackhat.com/USA-19/Wednesday/us-19-Mulliner-Come-Join-The-CAFSA-Continuous-Automated-Firmware-Security-Analysis.pdf\"\u003ePDF: Continuous Automated Firmware Security Analysis\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Mobile security research pioneer Collin Mulliner talks about the early days of hacking PalmOS devices, the current state of smartphone platforms, his work on securing self driving cars, and why he built and open-sourced a firmware analyzer 
tool.","date_published":"2020-04-03T18:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1762300e-32da-4a5b-b925-44680cc367e6.mp3","mime_type":"audio/mpeg","size_in_bytes":34191733,"duration_in_seconds":2008}]},{"id":"87141539-e2ba-45d7-a262-cec68a4f6baf","title":"Michael Piacente, Principal, Hitch Partners","url":"https://securityconversations.fireside.fm/michael-piacente-hitch-partners","content_text":"Hitch Partners principal Michael Piacente dishes on the cybersecurity job market during an economic crisis, the intricacies of recruiting top-flight security talent, the high rate of turnover among CISOs, and why companies should spend more time on writing better job descriptions.Links:WSJ: CISOs stay on the job less than three years, compared with nearly seven years for CEOsExploring the CISO's personal brand","content_html":"\u003cp\u003eHitch Partners principal Michael Piacente dishes on the cybersecurity job market during an economic crisis, the intricacies of recruiting top-flight security talent, the high rate of turnover among CISOs, and why companies should spend more time on writing better job descriptions.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"WSJ: CISOs stay on the job less than three years, compared with nearly seven years for CEOs\" rel=\"nofollow\" href=\"https://www.wsj.com/articles/cisos-short-tenures-can-hamper-cyber-defenses-11582021801?mod=djemCybersecruityPro\u0026amp;tpl=cy\"\u003eWSJ: CISOs stay on the job less than three years, compared with nearly seven years for CEOs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Exploring the CISO\u0026#39;s personal brand\" rel=\"nofollow\" href=\"https://www.linkedin.com/pulse/exploring-cisos-personal-brand-michael-piacente/\"\u003eExploring the CISO\u0026#39;s personal brand\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Hitch Partners principal Michael Piacente 
dishes on the cybersecurity job market during an economic crisis, the intricacies of recruiting top-flight security talent, the high rate of turnover among CISOs, and why companies should spend more time on writing better job descriptions.","date_published":"2020-03-30T07:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/87141539-e2ba-45d7-a262-cec68a4f6baf.mp3","mime_type":"audio/mpeg","size_in_bytes":27603336,"duration_in_seconds":1990}]},{"id":"68383542-84b9-4780-909a-a741b9c26cc8","title":"Dave Aitel, Founder and CEO, Immunity","url":"https://securityconversations.fireside.fm/dave-aitel-immunity","content_text":"Security industry pioneer Dave Aitel dishes on entrepreneurship, fostering a \"one team, one parking lot\" culture, how lessons from his time at the NSA still guide his decisions, and his approach to blunt, honest marketing. We also discuss a shared passion for Brazilian Jiu-Jitsu and his work supporting Project Grapple in Miami. Links:Project Grapple, The Jiu-Jitsu Non Profit Changing LivesAitel FoundationInfiltrate ConferenceDaily Dave (mailing list)","content_html":"\u003cp\u003eSecurity industry pioneer Dave Aitel dishes on entrepreneurship, fostering a \u0026quot;one team, one parking lot\u0026quot; culture, how lessons from his time at the NSA still guide his decisions, and his approach to blunt, honest marketing. We also discuss a shared passion for Brazilian Jiu-Jitsu and his work supporting Project Grapple in Miami. 
\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Project Grapple, The Jiu-Jitsu Non Profit Changing Lives\" rel=\"nofollow\" href=\"https://www.flograppling.com/video/6044979-project-grapple-the-jiu-jitsu-non-profit-changing-lives\"\u003eProject Grapple, The Jiu-Jitsu Non Profit Changing Lives\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Aitel Foundation\" rel=\"nofollow\" href=\"https://www.aitelfoundation.org/\"\u003eAitel Foundation\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Infiltrate Conference\" rel=\"nofollow\" href=\"https://infiltratecon.com/\"\u003eInfiltrate Conference\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Daily Dave (mailing list)\" rel=\"nofollow\" href=\"https://seclists.org/dailydave/\"\u003eDaily Dave (mailing list)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Security industry pioneer Dave Aitel dishes on entrepreneurship, fostering a \"one team, one parking lot\" culture, how lessons from his time at the NSA still guide his decisions, and his approach to blunt, honest marketing. We also discuss a shared passion for Brazilian Jiu-Jitsu and his work supporting Project Grapple in Miami.","date_published":"2020-03-23T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/68383542-84b9-4780-909a-a741b9c26cc8.mp3","mime_type":"audio/mpeg","size_in_bytes":36849446,"duration_in_seconds":2263}]},{"id":"cda34e0b-2ced-4519-9bee-dda805d6150c","title":"Sounil Yu, Cyber Defense Matrix","url":"https://securityconversations.fireside.fm/sounil-yu-cyber-defense-matrix","content_text":"Former Chief Security Scientist at Bank of America, Sounil Yu, explains why he created the Cyber Defense Matrix framework and how organizations are using it to drive visibility and security decisions in multiple places. 
We discuss securing \"cattle vs pets,\" the next era of security innovation, and the increasing security poverty line that hurts small- and medium-sized businesses. Links:Cyber Defense Matrix — The Cyber Defense Matrix helps us understand what we need organized through a logical construct so that when we go into the security vendor marketplace, we can quickly discern what products solve what problems and be informed on what is the core function of a given product. In addition, the Cyber Defense Matrix provides a mechanism to ensure that we have capabilities across the entire spectrum of options to help secure our environments.Cyber Defense Matrix Reloaded — This is an update to the Cyber Defense Matrix briefing given at the 2019 RSA Conference. Cybersecurity practitioners can use this to organize vendors, find gaps in security portfolios, understand how to organize security measurements, prioritize investments, minimize business impact, visualize attack surfaces, align other existing frameworks, and gain a fuller understanding of the entire space of cybersecurity.","content_html":"\u003cp\u003eFormer Chief Security Scientist at Bank of America, Sounil Yu, explains why he created the Cyber Defense Matrix framework and how organizations are using it to drive visibility and security decisions in multiple places. We discuss securing \u0026quot;cattle vs pets,\u0026quot; the next era of security innovation, and the increasing security poverty line that hurts small- and medium-sized businesses. 
\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Cyber Defense Matrix\" rel=\"nofollow\" href=\"https://owasp.org/www-project-cyber-defense-matrix/\"\u003eCyber Defense Matrix\u003c/a\u003e \u0026mdash; The Cyber Defense Matrix helps us understand what we need organized through a logical construct so that when we go into the security vendor marketplace, we can quickly discern what products solve what problems and be informed on what is the core function of a given product. In addition, the Cyber Defense Matrix provides a mechanism to ensure that we have capabilities across the entire spectrum of options to help secure our environments.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cyber Defense Matrix Reloaded\" rel=\"nofollow\" href=\"https://www.slideshare.net/sounilyu/cyber-defense-matrix-reloaded\"\u003eCyber Defense Matrix Reloaded\u003c/a\u003e \u0026mdash; This is an update to the Cyber Defense Matrix briefing given at the 2019 RSA Conference. Cybersecurity practitioners can use this to organize vendors, find gaps in security portfolios, understand how to organize security measurements, prioritize investments, minimize business impact, visualize attack surfaces, align other existing frameworks, and gain a fuller understanding of the entire space of cybersecurity.\u003c/li\u003e\u003c/ul\u003e","summary":"Former Chief Security Scientist at Bank of America, Sounil Yu, explains why he created the Cyber Defense Matrix framework and how organizations are using it to drive visibility and security decisions in multiple places. 
We discuss securing \"cattle vs pets,\" the next era of security innovation, and the increasing security poverty line that hurts small- and medium-sized businesses.","date_published":"2020-03-17T08:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/cda34e0b-2ced-4519-9bee-dda805d6150c.mp3","mime_type":"audio/mpeg","size_in_bytes":31017607,"duration_in_seconds":2148}]},{"id":"dd036e55-5dd8-4043-ba3d-29caf4beebea","title":"Andy Ellis, Chief Security Officer, Akamai Technologies","url":"https://securityconversations.fireside.fm/andy-ellis-akamai","content_text":"In an industry where 10-15% of staff are women, Akamai's security team is 40% women and growing. Chief security officer Andy Ellis joins the podcast to share lessons on practical things -- some subtle, some major -- that pushed real diversity on Akamai's security team.Links:One company’s successful approach to gender balanceVideo: 20 Years In: Security’s Grand Challenges, Then and NowAndy Ellis: Humans are Awesome at Risk Management","content_html":"\u003cp\u003eIn an industry where 10-15% of staff are women, Akamai\u0026#39;s security team is 40% women and growing. 
Chief security officer Andy Ellis joins the podcast to share lessons on practical things -- some subtle, some major -- that pushed real diversity on Akamai\u0026#39;s security team.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"One company’s successful approach to gender balance\" rel=\"nofollow\" href=\"https://hrexecutive.com/one-companys-successful-approach-to-gender-balance/\"\u003eOne company’s successful approach to gender balance\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Video: 20 Years In: Security’s Grand Challenges, Then and Now\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=XgmTm5e38Y0\"\u003eVideo: 20 Years In: Security’s Grand Challenges, Then and Now\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Andy Ellis: Humans are Awesome at Risk Management\" rel=\"nofollow\" href=\"https://www.rsaconference.com/industry-topics/presentation/humans-are-awesome-at-risk-management\"\u003eAndy Ellis: Humans are Awesome at Risk Management\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"In an industry where 10-15% of staff are women, Akamai's security team is 40% women and growing. 
Chief security officer Andy Ellis joins the podcast to share lessons on practical things -- some subtle, some major -- that pushed real diversity on Akamai's security team.","date_published":"2020-03-11T16:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/dd036e55-5dd8-4043-ba3d-29caf4beebea.mp3","mime_type":"audio/mpeg","size_in_bytes":23543325,"duration_in_seconds":1928}]},{"id":"c49758d1-bc1a-43d5-8eee-5f91c6d7021f","title":"Costin Raiu, Global Director, GReAT, Kaspersky Lab","url":"https://securityconversations.fireside.fm/costin-raiu-great","content_text":"Veteran malware hunter Costin Raiu talks about writing his own anti-virus program as a teenager in Romania, his work tracking advanced threat actors globally, and why he assumes his computer is compromised by at least three APT groups.Links:\"Equation Group\" ran the most advanced hacking operation ever uncoveredThe adventures of lab ED011 — One Romanian campus computer lab both pentested the world and eventually helped protect itCostin Raiu on TwitterThe \"Red October\" Campaign","content_html":"\u003cp\u003eVeteran malware hunter Costin Raiu talks about writing his own anti-virus program as a teenager in Romania, his work tracking advanced threat actors globally, and why he assumes his computer is compromised by at least three APT groups.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"\u0026quot;Equation Group\u0026quot; ran the most advanced hacking operation ever uncovered\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/\"\u003e\u0026quot;Equation Group\u0026quot; ran the most advanced hacking operation ever uncovered\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The adventures of lab ED011\" rel=\"nofollow\" 
href=\"https://arstechnica.com/features/2018/08/the-secret-history-of-ed011-the-obscure-computer-lab-that-hacked-the-world/\"\u003eThe adventures of lab ED011\u003c/a\u003e \u0026mdash; One Romanian campus computer lab both pentested the world and eventually helped protect it\u003c/li\u003e\u003cli\u003e\u003ca title=\"Costin Raiu on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/craiu\"\u003eCostin Raiu on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The \u0026quot;Red October\u0026quot; Campaign\" rel=\"nofollow\" href=\"https://securelist.com/the-red-october-campaign/57647/\"\u003eThe \u0026quot;Red October\u0026quot; Campaign\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Veteran malware hunter Costin Raiu talks about writing his own anti-virus program as a teenager in Romania, his work tracking advanced threat actors globally, and why he assumes his computer is compromised by at least three APT groups.","date_published":"2018-09-03T04:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/c49758d1-bc1a-43d5-8eee-5f91c6d7021f.mp3","mime_type":"audio/mpeg","size_in_bytes":47022834,"duration_in_seconds":3081}]},{"id":"1f0f4e71-9a49-4d80-8a17-c020c7e2698c","title":"Josh Lefkowitz, Founder and CEO, Flashpoint","url":"https://securityconversations.fireside.fm/josh-lefkowitz-flashpoint","content_text":"Flashpoint chief executive Josh Lefkowitz talks about how his previous work as a counter-terrorism analyst underscored the value of contextual threat-intelligence, his company's approach to gathering and analyzing data, and his mission to be an extension of a client's security team.Links:Flashpoint - Library'7 Minutes' with Flashpoint CEO Josh LefkowitzVideo: Josh Lefkowitz on AlphaBay's demise","content_html":"\u003cp\u003eFlashpoint chief executive Josh Lefkowitz talks about how his previous work as a counter-terrorism analyst underscored the value of contextual 
threat-intelligence, his company\u0026#39;s approach to gathering and analyzing data, and his mission to be an extension of a client\u0026#39;s security team.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Flashpoint - Library\" rel=\"nofollow\" href=\"https://www.flashpoint-intel.com/library/\"\u003eFlashpoint - Library\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"\u0026#39;7 Minutes\u0026#39; with Flashpoint CEO Josh Lefkowitz\" rel=\"nofollow\" href=\"https://www.channelpartnersonline.com/article/7-minutes-with-flashpoint-ceo-josh-lefkowitz/\"\u003e\u0026#39;7 Minutes\u0026#39; with Flashpoint CEO Josh Lefkowitz\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Video: Josh Lefkowitz on AlphaBay\u0026#39;s demise\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=fd6GedN3yng\"\u003eVideo: Josh Lefkowitz on AlphaBay\u0026#39;s demise\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Flashpoint chief executive Josh Lefkowitz talks about how his previous work as a counter-terrorism analyst underscored the value of contextual threat-intelligence, his company's approach to gathering and analyzing data, and his mission to be an extension of a client's security team.","date_published":"2018-08-28T04:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1f0f4e71-9a49-4d80-8a17-c020c7e2698c.mp3","mime_type":"audio/mpeg","size_in_bytes":30504303,"duration_in_seconds":1930}]},{"id":"37e1bbf9-9add-4a52-9c5e-dc0940f670b6","title":"Christine Gadsby, Director of Product Security Operations, BlackBerry","url":"https://securityconversations.fireside.fm/christine-gadsby-blackberry","content_text":"BlackBerry security response executive Christine Gadsby joins the podcast to talk about tough decisions around shipping secure software, the challenges of securing supply chain dependencies, BlackBerry's new ransomware recovery feature, and her 
upcoming Black Hat 2018 presentation.Links:Black Hat 2018: Stop that Release There's a Vulnerability!Christine Gadsby on TwitterBlackBerry Enterprise Software - Security \u0026amp; Management for the Enterprise of ThingsChristine Gadsby on LinkedIn","content_html":"\u003cp\u003eBlackBerry security response executive Christine Gadsby joins the podcast to talk about tough decisions around shipping secure software, the challenges of securing supply chain dependencies, BlackBerry\u0026#39;s new ransomware recovery feature, and her upcoming Black Hat 2018 presentation.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Black Hat 2018: Stop that Release There\u0026#39;s a Vulnerability!\" rel=\"nofollow\" href=\"https://www.blackhat.com/us-18/briefings.html#stop-that-release-theres-a-vulnerability\"\u003eBlack Hat 2018: Stop that Release There\u0026#39;s a Vulnerability!\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Christine Gadsby on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/ChristineGadsby\"\u003eChristine Gadsby on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BlackBerry Enterprise Software - Security \u0026amp; Management for the Enterprise of Things\" rel=\"nofollow\" href=\"https://us.blackberry.com/enterprise\"\u003eBlackBerry Enterprise Software - Security \u0026amp; Management for the Enterprise of Things\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Christine Gadsby on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/bbchristine/\"\u003eChristine Gadsby on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"BlackBerry security response executive Christine Gadsby joins the podcast to talk about tough decisions around shipping secure software, the challenges of securing supply chain dependencies, BlackBerry's new ransomware recovery feature, and her upcoming Black Hat 2018 
presentation.","date_published":"2018-08-06T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/37e1bbf9-9add-4a52-9c5e-dc0940f670b6.mp3","mime_type":"audio/mpeg","size_in_bytes":26141237,"duration_in_seconds":1652}]},{"id":"d2f343f6-c9ae-4e29-a5be-bf8f746446b6","title":"Chad Loder, co-founder and CEO, Habitu8","url":"https://securityconversations.fireside.fm/chad-loder-habitu8","content_text":"Cybersecurity industry veteran Chad Loder talks about his time as co-founder of Rapid7, the decision to acquire Metasploit, lessons learned from moving to the CISO chair and why the industry still struggles with security awareness training.Links:About Habitu8Chad Loder on TwitterRapid7 Acquires Metasploit","content_html":"\u003cp\u003eCybersecurity industry veteran Chad Loder talks about his time as co-founder of Rapid7, the decision to acquire Metasploit, lessons learned from moving to the CISO chair and why the industry still struggles with security awareness training.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"About Habitu8\" rel=\"nofollow\" href=\"https://www.habitu8.io/about-us/\"\u003eAbout Habitu8\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chad Loder on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/chadloder\"\u003eChad Loder on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Rapid7 Acquires Metasploit\" rel=\"nofollow\" href=\"https://www.businesswire.com/news/home/20091021005675/en/Rapid7-Acquires-Metasploit\"\u003eRapid7 Acquires Metasploit\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Cybersecurity industry veteran Chad Loder talks about his time as co-founder of Rapid7, the decision to acquire Metasploit, lessons learned from moving to the CISO chair and why the industry still struggles with security awareness 
training.","date_published":"2018-07-31T09:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/d2f343f6-c9ae-4e29-a5be-bf8f746446b6.mp3","mime_type":"audio/mpeg","size_in_bytes":45359306,"duration_in_seconds":3208}]},{"id":"a936371f-8a20-4865-9932-a916fd16a2da","title":"Chris Castaldo, Senior Director of Cybersecurity, 2U ","url":"https://securityconversations.fireside.fm/chris-castaldo-2u","content_text":"Chris Castaldo, senior director of cybersecurity at 2U, Inc., joins Ryan on the podcast to talk about building a threat model for digitizing the education sector, his top priorities as a defender, new solutions that impress him, and why it's important to get independent third-party security assessments.Links:Uptycsosquery | Easily ask questions about your Linux, Windows, and macOS infrastructure","content_html":"\u003cp\u003eChris Castaldo, senior director of cybersecurity at 2U, Inc., joins Ryan on the podcast to talk about building a threat model for digitizing the education sector, his top priorities as a defender, new solutions that impress him, and why it\u0026#39;s important to get independent third-party security assessments.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Uptycs\" rel=\"nofollow\" href=\"https://www.uptycs.com/technology\"\u003eUptycs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"osquery | Easily ask questions about your Linux, Windows, and macOS infrastructure\" rel=\"nofollow\" href=\"https://osquery.io/\"\u003eosquery | Easily ask questions about your Linux, Windows, and macOS infrastructure\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Chris Castaldo, senior director of cybersecurity at 2U, Inc., joins Ryan on the podcast to talk about building a threat model for digitizing the education sector, his top priorities as a defender, new solutions that impress him, and why it's important to get independent 
third-party security assessments.","date_published":"2018-07-26T09:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/a936371f-8a20-4865-9932-a916fd16a2da.mp3","mime_type":"audio/mpeg","size_in_bytes":37191493,"duration_in_seconds":2384}]},{"id":"2eee789f-5d35-4620-bef5-79a98b867ffb","title":"Wim Remes, CEO and Principal Researcher, Wire Security","url":"https://securityconversations.fireside.fm/wim-remes-wire-security","content_text":"Founder and CEO of Wire Security, Wim Remes, joins the podcast to discuss the intricacies of penetration testing, red-teaming, bug bounty programs, and calls for defenders to embrace continuous pen-testing.Links:Wim Remes on GitHubWim Remes on Twitter","content_html":"\u003cp\u003eFounder and CEO of Wire Security, Wim Remes, joins the podcast to discuss the intricacies of penetration testing, red-teaming, bug bounty programs, and calls for defenders to embrace continuous pen-testing.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Wim Remes on GitHub\" rel=\"nofollow\" href=\"https://github.com/wimremes/\"\u003eWim Remes on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wim Remes on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/wimremes\"\u003eWim Remes on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Founder and CEO of Wire Security Wim Remes discusses the intricacies of penetration testing, red-teaming, bug bounties, and calls for defenders to embrace continuous pen-testing.","date_published":"2018-07-23T12:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/2eee789f-5d35-4620-bef5-79a98b867ffb.mp3","mime_type":"audio/mpeg","size_in_bytes":29368681,"duration_in_seconds":2442}]},{"id":"d7db6dd9-a8d4-42ec-a94d-b51821f8e4e3","title":"Dan Hubbard, Chief Security Architect, 
Lacework","url":"https://securityconversations.fireside.fm/dan-hubbard-lacework","content_text":"Lacework Chief Security Architect Dan Hubbard joins the podcast to discuss his new research on container security, the challenges of securing cloud deployments, and why technological advancements have widened attack surfaces.Links:Containers at risk (PDF direct download)Dan Hubbard on Twitter","content_html":"\u003cp\u003eLacework Chief Security Architect Dan Hubbard joins the podcast to discuss his new research on container security, the challenges of securing cloud deployments, and why technological advancements have widened attack surfaces.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Containers at risk (PDF direct download)\" rel=\"nofollow\" href=\"https://info.lacework.com/hubfs/Containers%20At-Risk_%20A%20Review%20of%2021,000%20Cloud%20Environments.pdf\"\u003eContainers at risk (PDF direct download)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dan Hubbard on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/dhubbard858\"\u003eDan Hubbard on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Lacework Chief Security Architect Dan Hubbard joins the podcast to discuss his new research on container security, the challenges of securing cloud deployments, and why technological advancements have widened attack surfaces.","date_published":"2018-07-16T14:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/d7db6dd9-a8d4-42ec-a94d-b51821f8e4e3.mp3","mime_type":"audio/mpeg","size_in_bytes":33852535,"duration_in_seconds":2292}]},{"id":"904ca3fd-d3eb-481f-8a0e-819e0bfd87c4","title":"David Weston, Principal Security Engineering Manager, Microsoft","url":"https://securityconversations.fireside.fm/david-weston-microsoft","content_text":"David Weston manages the Windows Device and Offensive Security Research teams at Microsoft. 
He joins the podcast to talk about how proactive red-team exercises push major mitigations to Microsoft's products and the current state of security in the Windows ecosystem.Links:Dave Weston on TwitterDavid Weston: Hardening with Hardware — In this talk, we will review the metamorphosis and fundamental re-architecture of Windows to take advantage of emerging hardware security capabilities. Windows 10 in S mode","content_html":"\u003cp\u003eDavid Weston manages the Windows Device and Offensive Security Research teams at Microsoft. He joins the podcast to talk about how proactive red-team exercises push major mitigations to Microsoft\u0026#39;s products and the current state of security in the Windows ecosystem.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Dave Weston on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/dwizzzlemsft\"\u003eDave Weston on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"David Weston: Hardening with Hardware\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=8V0wcqS22vc\"\u003eDavid Weston: Hardening with Hardware\u003c/a\u003e \u0026mdash; In this talk, we will review the metamorphosis and fundamental re-architecture of Windows to take advantage of emerging hardware security capabilities. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Windows 10 in S mode\" rel=\"nofollow\" href=\"https://www.microsoft.com/en-us/windows/s-mode\"\u003eWindows 10 in S mode\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"David Weston manages the Windows Device and Offensive Security Research teams at Microsoft. 
He joins the podcast to talk about how proactive red-team exercises push major mitigations to Microsoft's products and the current state of security in the Windows ecosystem.","date_published":"2018-06-24T18:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/904ca3fd-d3eb-481f-8a0e-819e0bfd87c4.mp3","mime_type":"audio/mpeg","size_in_bytes":37022785,"duration_in_seconds":2783}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=530","title":"Rich Seiersen, SVP and CISO, Lending Club","url":"https://securityconversations.fireside.fm/rich-seiersen-lending-club","content_text":"SVP and Chief Information Security Officer (CISO) at Lending Club, Rich Seiersen, digs into the nuts and bolts of defending a financial services firm, his approach to finding quality cybersecurity talent, and the importance of confronting security with data. (Recorded during fireside chat at SecurityWeek’s CISO Forum).\n\n \n\n\n\nhttps://securityconversations.com/wp-content/uploads/2018/06/rich_seierson.mp3Links:Book: How to Measure Anything in Cybersecurity Risk — How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current \"risk management\" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security.","content_html":"\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eSVP and Chief Information Security Officer (CISO) at Lending Club, Rich Seiersen, digs into the nuts and bolts of defending a financial services firm, his approach to finding quality cybersecurity talent, and the importance of confronting security with data. 
(Recorded during fireside chat at SecurityWeek\u0026#8217;s \u003ca href=\"https://cisoforum.com\"\u003eCISO Forum\u003c/a\u003e).\u003c/span\u003e\u003c/p\u003e\n\n\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n\u003c!--[if lt IE 9]\u003e\u003c![endif]--\u003e\n\n\u003caudio class=\"wp-audio-shortcode\" id=\"audio-530-1\" preload=\"metadata\" style=\"width: 100%;\" controls=\"controls\"\u003e\u003csource type=\"audio/mpeg\" src=\"https://securityconversations.com/wp-content/uploads/2018/06/rich_seierson.mp3?_=1\" /\u003e\u003ca href=\"https://securityconversations.com/wp-content/uploads/2018/06/rich_seierson.mp3\"\u003ehttps://securityconversations.com/wp-content/uploads/2018/06/rich_seierson.mp3\u003c/a\u003e\u003c/audio\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Book: How to Measure Anything in Cybersecurity Risk\" rel=\"nofollow\" href=\"https://www.amazon.com/How-Measure-Anything-Cybersecurity-Risk/dp/1536669741\"\u003eBook: How to Measure Anything in Cybersecurity Risk\u003c/a\u003e \u0026mdash; How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current \"risk management\" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security.\u003c/li\u003e\u003c/ul\u003e","summary":"SVP and Chief Information Security Officer (CISO) at Lending Club, Rich Seiersen, digs into the nuts and bolts of defending a financial services firm, his approach to finding quality cybersecurity talent, and the importance of confronting security with data. 
(Recorded during fireside chat at SecurityWeek's \u003ca href=\"https://cisoforum.com\"\u003eCISO Forum\u003c/a\u003e)","date_published":"2018-06-18T09:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/cacc11a2-aec9-4926-8d62-1cd34a5befdf.mp3","mime_type":"audio/mpeg","size_in_bytes":27931750,"duration_in_seconds":2248}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=521","title":"Andrew Morris, Founder and CEO, GreyNoise Intelligence","url":"https://securityconversations.fireside.fm/andrew-morris-greynoise-intelligence","content_text":"Founder and CEO of GreyNoise Intelligence Andrew Morris (andrew___morris) talks about his “anti threat-intelligence” company, the ways SOCs are using it to filter through scanning noise and the trials and tribulations of bootstrapping a start-up.\n\n \n\nhttps://securityconversations.com/wp-content/uploads/2018/05/andrew_morris.mp3Links:What is GreyNoise?","content_html":"\u003cp\u003eFounder and CEO of GreyNoise Intelligence Andrew Morris (\u003ca href=\"https://twitter.com/andrew___morris\"\u003eandrew___morris\u003c/a\u003e) talks about his \u0026#8220;anti threat-intelligence\u0026#8221; company, the ways SOCs are using it to filter through scanning noise and the trials and tribulations of bootstrapping a start-up.\u003c/p\u003e\n\n\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n\u003caudio class=\"wp-audio-shortcode\" id=\"audio-521-2\" preload=\"metadata\" style=\"width: 100%;\" controls=\"controls\"\u003e\u003csource type=\"audio/mpeg\" src=\"https://securityconversations.com/wp-content/uploads/2018/05/andrew_morris.mp3?_=2\" /\u003e\u003ca href=\"https://securityconversations.com/wp-content/uploads/2018/05/andrew_morris.mp3\"\u003ehttps://securityconversations.com/wp-content/uploads/2018/05/andrew_morris.mp3\u003c/a\u003e\u003c/audio\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"What is GreyNoise?\" 
rel=\"nofollow\" href=\"https://greynoise.io/blog/2018/2/1/what-is-greynoise\"\u003eWhat is GreyNoise?\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Founder and CEO of GreyNoise Intelligence Andrew Morris talks about his anti threat-intelligence company, the ways SOCs are using it to filter through scanning noise and the trials and tribulations of bootstrapping a start-up.","date_published":"2018-05-31T15:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/a441617f-9c5d-49d0-8fd8-d21fc211523a.mp3","mime_type":"audio/mpeg","size_in_bytes":21465394,"duration_in_seconds":2239}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=513","title":"Yoav Leitersdorf, Managing Partner, YL Ventures","url":"https://securityconversations.fireside.fm/yoav-leitersdorf-yl-ventures","content_text":"Managing Partner at YL Ventures, Yoav Leitersdorf (ylventures), explains the surge in cybersecurity investments in Israel, the priorities for his $75 million fund and which sectors are ripe for the picking.\n\n \n\nhttps://securityconversations.com/wp-content/uploads/2018/05/ep30-yoav_leitersdorf.mp3Links:Ask A VC: Yoav Leitersdorf On The Cyber Security Opportunity — In this week’s episode of Ask A VC, we hosted YL Ventures’ Yoav Leitersdorf in the studio to talk about cyber security, innovations in Israel and more.","content_html":"\u003cp\u003eManaging Partner at YL Ventures, Yoav Leitersdorf (\u003ca href=\"https://twitter.com/ylventures\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://twitter.com/juanandres_gs\u0026amp;source=gmail\u0026amp;ust=1526399114060000\u0026amp;usg=AFQjCNEoPD1PMwpQPcXxUAGMC6Er-NGdWg\"\u003eylventures\u003c/a\u003e), explains the surge in cybersecurity investments in Israel, the priorities for his $75 million fund and which sectors are ripe for the
picking.\u003c/p\u003e\n\n\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n\u003caudio class=\"wp-audio-shortcode\" id=\"audio-513-3\" preload=\"metadata\" style=\"width: 100%;\" controls=\"controls\"\u003e\u003csource type=\"audio/mpeg\" src=\"https://securityconversations.com/wp-content/uploads/2018/05/ep30-yoav_leitersdorf.mp3?_=3\" /\u003e\u003ca href=\"https://securityconversations.com/wp-content/uploads/2018/05/ep30-yoav_leitersdorf.mp3\"\u003ehttps://securityconversations.com/wp-content/uploads/2018/05/ep30-yoav_leitersdorf.mp3\u003c/a\u003e\u003c/audio\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Ask A VC: Yoav Leitersdorf On The Cyber Security Opportunity \" rel=\"nofollow\" href=\"https://techcrunch.com/2014/03/07/ask-a-vc-yl-ventures-yoav-leitersdorf-on-the-cyber-security-opportunity/\"\u003eAsk A VC: Yoav Leitersdorf On The Cyber Security Opportunity \u003c/a\u003e \u0026mdash; In this week’s episode of Ask A VC, we hosted YL Ventures’ Yoav Leitersdorf in the studio to talk about cyber security, innovations in Israel and more.\u003c/li\u003e\u003c/ul\u003e","summary":"Managing Partner at YL Ventures, Yoav Leitersdorf, explains the surge in cybersecurity investments in Israel, the priorities for his $75 million fund, and which sectors are ripe for the picking.","date_published":"2018-05-21T16:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/b23f807e-3c66-4fd6-93eb-f9d10a93dda2.mp3","mime_type":"audio/mpeg","size_in_bytes":19693277,"duration_in_seconds":1567}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=499","title":"Juan Andrés Guerrero-Saade, Principal Security Researcher, Recorded Future","url":"https://securityconversations.fireside.fm/juan-andres-guerrero-saade-recorded-future","content_text":"Principal Security Researcher at Recorded Future’s Insikt Group, Juan Andrés Guerrero-Saade (juanandres_gs), explains the nuances of good 
threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don’t have to be “sophisticated” to launch successful attacks.\n\n \n\nhttps://securityconversations.com/wp-content/uploads/2018/05/juan_andres_guerrero_saade.mp3","content_html":"\u003cp\u003ePrincipal Security Researcher at Recorded Future\u0026#8217;s Insikt Group, Juan Andrés Guerrero-Saade (\u003ca href=\"https://twitter.com/juanandres_gs\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://twitter.com/juanandres_gs\u0026amp;source=gmail\u0026amp;ust=1526399114060000\u0026amp;usg=AFQjCNEoPD1PMwpQPcXxUAGMC6Er-NGdWg\"\u003ejuanandres_gs\u003c/a\u003e), explains the nuances of good threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don\u0026#8217;t have to be \u0026#8220;sophisticated\u0026#8221; to launch successful attacks.\u003c/p\u003e\n\n\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n\u003caudio class=\"wp-audio-shortcode\" id=\"audio-499-4\" preload=\"metadata\" style=\"width: 100%;\" controls=\"controls\"\u003e\u003csource type=\"audio/mpeg\" src=\"https://securityconversations.com/wp-content/uploads/2018/05/juan_andres_guerrero_saade.mp3?_=4\" /\u003e\u003ca href=\"https://securityconversations.com/wp-content/uploads/2018/05/juan_andres_guerrero_saade.mp3\"\u003ehttps://securityconversations.com/wp-content/uploads/2018/05/juan_andres_guerrero_saade.mp3\u003c/a\u003e\u003c/audio\u003e","summary":"Principal Security Researcher at Recorded Future's Insikt Group, Juan Andrés Guerrero-Saade, explains the nuances of good threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don't have to be sophisticated to launch successful
attacks.","date_published":"2018-05-14T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/f69cb1a6-f5e9-4664-bc82-fc229d5b1de4.mp3","mime_type":"audio/mpeg","size_in_bytes":53015905,"duration_in_seconds":3684}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=488","title":"Robert M. Lee, Chief Executive Officer, Dragos Inc.","url":"https://securityconversations.fireside.fm/robert-m-lee-dragos","content_text":"The founder and CEO of Dragos, Inc. Robert M. Lee (RobertMLee) cuts through the hype around threats to critical infrastructure and offers a matter-of-fact take on active defense, “hacking-back,” and nation-state espionage operations.\n\n \n\nhttps://securityconversations.com/wp-content/uploads/2018/05/ep28-robert-m-lee.mp3","content_html":"\u003cp\u003eThe founder and CEO of Dragos, Inc. Robert M. Lee (\u003ca href=\"https://twitter.com/RobertMLee\"\u003eRobertMLee\u003c/a\u003e) cuts through the hype around threats to critical infrastructure and offers a matter-of-fact take on active defense, “hacking-back,” and nation-state espionage operations.\u003c/p\u003e\n\n\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n\u003caudio class=\"wp-audio-shortcode\" id=\"audio-488-5\" preload=\"metadata\" style=\"width: 100%;\" controls=\"controls\"\u003e\u003csource type=\"audio/mpeg\" src=\"https://securityconversations.com/wp-content/uploads/2018/05/ep28-robert-m-lee.mp3?_=5\" /\u003e\u003ca href=\"https://securityconversations.com/wp-content/uploads/2018/05/ep28-robert-m-lee.mp3\"\u003ehttps://securityconversations.com/wp-content/uploads/2018/05/ep28-robert-m-lee.mp3\u003c/a\u003e\u003c/audio\u003e","summary":"The founder and CEO of Dragos, Inc. Robert M. 
Lee cuts through the hype around threats to critical infrastructure and offers a matter-of-fact take on active defense, “hacking-back,” and nation-state espionage operations.","date_published":"2018-05-10T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/12cf4cec-e81b-4f38-b8ff-956979ab0e93.mp3","mime_type":"audio/mpeg","size_in_bytes":65117301,"duration_in_seconds":3284}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=479","title":"Brandon Dixon, Vice President, RiskIQ","url":"https://securityconversations.fireside.fm/brandon-dixon-riskiq","content_text":"VP of Product at RiskIQ Brandon Dixon (@9bplus) delves into nation-state cyber operations, explains why it’s dangerous to underestimate North Korea’s capabilities, and his passion for roasting the perfect coffee bean.\n\nhttps://securityconversations.com/wp-content/uploads/2018/05/ep27-brandon-dixon.mp3Links:Split Key CoffeeSplit Key Coffee on MediumTainted Leaks: Disinformation and Phishing With a Russian Nexus - The Citizen Lab — This report describes an extensive Russia-linked phishing and disinformation campaign. 
It provides evidence of how documents stolen from a prominent journalist and critic of Russia was tampered with and then “leaked” to achieve specific propaganda aims.","content_html":"\u003cp\u003eVP of Product at RiskIQ Brandon Dixon (\u003ca href=\"https://twitter.com/9bplus\"\u003e@9bplus\u003c/a\u003e) delves into nation-state cyber operations, explains why it’s dangerous to underestimate North Korea’s capabilities, and his passion for roasting the perfect coffee bean.\u003c/p\u003e\n\n\u003caudio class=\"wp-audio-shortcode\" id=\"audio-479-6\" preload=\"metadata\" style=\"width: 100%;\" controls=\"controls\"\u003e\u003csource type=\"audio/mpeg\" src=\"https://securityconversations.com/wp-content/uploads/2018/05/ep27-brandon-dixon.mp3?_=6\" /\u003e\u003ca href=\"https://securityconversations.com/wp-content/uploads/2018/05/ep27-brandon-dixon.mp3\"\u003ehttps://securityconversations.com/wp-content/uploads/2018/05/ep27-brandon-dixon.mp3\u003c/a\u003e\u003c/audio\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Split Key Coffee\" rel=\"nofollow\" href=\"https://twitter.com/SplitKeyCoffee\"\u003eSplit Key Coffee\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Split Key Coffee on Medium\" rel=\"nofollow\" href=\"https://medium.com/split-key-coffee\"\u003eSplit Key Coffee on Medium\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tainted Leaks: Disinformation and Phishing With a Russian Nexus - The Citizen Lab\" rel=\"nofollow\" href=\"https://citizenlab.ca/2017/05/tainted-leaks-disinformation-phish/\"\u003eTainted Leaks: Disinformation and Phishing With a Russian Nexus - The Citizen Lab\u003c/a\u003e \u0026mdash; This report describes an extensive Russia-linked phishing and disinformation campaign. 
It provides evidence of how documents stolen from a prominent journalist and critic of Russia was tampered with and then “leaked” to achieve specific propaganda aims.\u003c/li\u003e\u003c/ul\u003e","summary":"VP of Product at RiskIQ Brandon Dixon delves into nation-state cyber operations, explains why it’s dangerous to underestimate North Korea’s capabilities, and his passion for roasting the perfect coffee bean.","date_published":"2018-05-09T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/55e3820f-eacf-49b8-a98a-9baf2dfd641d.mp3","mime_type":"audio/mpeg","size_in_bytes":55969497,"duration_in_seconds":3790}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=470","title":"Ryan Huber, Security Architect, Slack","url":"https://securityconversations.fireside.fm/ryan-huber-slack","content_text":"Slack security architect Ryan Huber talks about the gargantuan task of defending an organization with 8 million daily active users, burnout, and fatigue in security teams and a range of issues around bug bounties and penetration testing.Links:Video of Rob Joyce's 2016 Enigma talkRyan Huber on Twitter","content_html":"\u003cp\u003eSlack security architect Ryan Huber talks about the gargantuan task of defending an organization with 8 million daily active users, burnout, and fatigue in security teams and a range of issues around bug bounties and penetration testing.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Video of Rob Joyce\u0026#39;s 2016 Enigma talk\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=bDJb8WOJYdA\"\u003eVideo of Rob Joyce\u0026#39;s 2016 Enigma talk\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ryan Huber on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/ryanhuber\"\u003eRyan Huber on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Slack security architect Ryan Huber talks about the 
gargantuan task of defending an organization with 8 million daily active users, burnout, and fatigue in security teams and a range of issues around bug bounties and penetration testing.","date_published":"2018-05-08T16:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/356ed2cf-065c-4092-b71b-5ee407b73e26.mp3","mime_type":"audio/mpeg","size_in_bytes":75433009,"duration_in_seconds":3888}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=441","title":"Ivan Arce, CTO at Quarkslab","url":"https://securityconversations.fireside.fm/ivan-arce-quarkslab","content_text":"Chief Technology Officer at Quarkslab Ivan Arce (@4dgifts) tells stories about the birth of penetration testing platforms, the concentration of hacking talent in Argentina, and his focus on security problems in the Android ecosystem.\n\nhttps://securityconversations.com/wp-content/uploads/2018/05/ivan_arce_01.mp3","content_html":"\u003cp\u003eChief Technology Officer at Quarkslab Ivan Arce (\u003ca href=\"https://twitter.com/4dgifts\"\u003e@4dgifts\u003c/a\u003e) tells stories about the birth of penetration testing platforms, the concentration of hacking talent in Argentina, and his focus on security problems in the Android ecosystem.\u003c/p\u003e\n\n\u003caudio class=\"wp-audio-shortcode\" id=\"audio-441-7\" preload=\"metadata\" style=\"width: 100%;\" controls=\"controls\"\u003e\u003csource type=\"audio/mpeg\" src=\"https://securityconversations.com/wp-content/uploads/2018/05/ivan_arce_01.mp3?_=7\" /\u003e\u003ca href=\"https://securityconversations.com/wp-content/uploads/2018/05/ivan_arce_01.mp3\"\u003ehttps://securityconversations.com/wp-content/uploads/2018/05/ivan_arce_01.mp3\u003c/a\u003e\u003c/audio\u003e","summary":"Chief Technology Officer at Quarkslab Ivan Arce tells stories about the birth of penetration testing platforms, the concentration of hacking talent in Argentina, and his focus on security problems in the 
Android ecosystem.","date_published":"2018-05-04T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/111cab3d-0ff5-4290-8488-07e6149421ce.mp3","mime_type":"audio/mpeg","size_in_bytes":69299416,"duration_in_seconds":3615}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=431","title":"Sinan Eren, Founder and CEO, Fyde","url":"https://securityconversations.fireside.fm/sinan-eren-fyde","content_text":"Founder and CEO of Fyde (@FydeApp) Sinan Eren discusses the “iOS-ification” of platforms and the security ramifications, the dangers of running AV software, the iOS vs. Android security argument, and his new venture to address mobile phishing attacks.\n\nhttps://securityconversations.com/wp-content/uploads/2018/05/Ep-24-sinan_eren.mp3Links:Security vendors need to stop doing more harm than good","content_html":"\u003cp\u003eFounder and CEO of Fyde (@\u003ca href=\"https://twitter.com/FydeApp\"\u003eFydeApp\u003c/a\u003e) Sinan Eren discusses the “iOS-ification” of platforms and the security ramifications, the dangers of running AV software, the iOS vs. 
Android security argument, and his new venture to address mobile phishing attacks.\u003c/p\u003e\n\n\u003caudio class=\"wp-audio-shortcode\" id=\"audio-431-8\" preload=\"metadata\" style=\"width: 100%;\" controls=\"controls\"\u003e\u003csource type=\"audio/mpeg\" src=\"https://securityconversations.com/wp-content/uploads/2018/05/Ep-24-sinan_eren.mp3?_=8\" /\u003e\u003ca href=\"https://securityconversations.com/wp-content/uploads/2018/05/Ep-24-sinan_eren.mp3\"\u003ehttps://securityconversations.com/wp-content/uploads/2018/05/Ep-24-sinan_eren.mp3\u003c/a\u003e\u003c/audio\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Security vendors need to stop doing more harm than good\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/security-vendors-heal-thyself-do-good-not-harm/\"\u003eSecurity vendors need to stop doing more harm than good\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Founder and CEO of Fyde (@FydeApp) Sinan Eren discusses the “iOS-ification” of platforms and the security ramifications, the dangers of running AV software, the iOS vs. 
Android security argument, and his new venture to address mobile phishing attacks.\r\n","date_published":"2018-05-02T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1bdc9378-05fb-4cbb-885e-a635b58b2298.mp3","mime_type":"audio/mpeg","size_in_bytes":49914123,"duration_in_seconds":2658}]},{"id":"https://securityconversations.com/?post_type=podcast\u0026p=421","title":"Stephen Ridley, Founder and CTO, Senrio","url":"https://securityconversations.fireside.fm/stephen-ridley-senrio","content_text":"Founder and CTO at Senrio Stephen Ridley (@s7ephen) talks about the abysmal state of IoT security, his recent exploitation of an IP camera and router to exfiltrate corporate data, and his experience as a minority in the security industry.\n\nhttps://securityconversations.com/wp-content/uploads/2018/04/Ep23-stephen-ridley.mp3Links:Introducing - Senrio Discovery","content_html":"\u003cp\u003eFounder and CTO at Senrio Stephen Ridley (\u003ca href=\"https://twitter.com/s7ephen\"\u003e@s7ephen\u003c/a\u003e) talks about the abysmal state of IoT security, his recent exploitation of an IP camera and router to exfiltrate corporate data, and his experience as a minority in the security industry.\u003c/p\u003e\n\n\u003caudio class=\"wp-audio-shortcode\" id=\"audio-421-9\" preload=\"metadata\" style=\"width: 100%;\" controls=\"controls\"\u003e\u003csource type=\"audio/mpeg\" src=\"https://securityconversations.com/wp-content/uploads/2018/04/Ep23-stephen-ridley.mp3?_=9\" /\u003e\u003ca href=\"https://securityconversations.com/wp-content/uploads/2018/04/Ep23-stephen-ridley.mp3\"\u003ehttps://securityconversations.com/wp-content/uploads/2018/04/Ep23-stephen-ridley.mp3\u003c/a\u003e\u003c/audio\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Introducing - Senrio Discovery\" rel=\"nofollow\" href=\"https://blog.senr.io/blog/introducing-senrio-discovery\"\u003eIntroducing - Senrio 
Discovery\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Founder and CTO at Senrio Stephen Ridley talks about the abysmal state of IoT security, his recent exploitation of an IP camera and router to exfiltrate corporate data, and his experience as a minority in the security industry.","date_published":"2018-04-30T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/a0478299-5d72-4bd9-8bd0-bc3c553645ba.mp3","mime_type":"audio/mpeg","size_in_bytes":52952645,"duration_in_seconds":2998}]},{"id":"1acf96d7-a561-4f6f-a936-75f92e67ca7b","title":"Mischel Kwon, Founder and CEO, MKA Cyber","url":"https://securityconversations.fireside.fm/mischel-kwon-mka-cyber","content_text":"Founder and CEO at MKACyber Mischel Kwon joins the podcast to address the state of the SOC (Security Operations Center) and how businesses should deal with issues around excessive alerts, incident response times, and outdated metrics.Links:MKACyberMischel Kwon on LinkedIn","content_html":"\u003cp\u003eFounder and CEO at MKACyber Mischel Kwon joins the podcast to address the state of the SOC (Security Operations Center) and how businesses should deal with issues around excessive alerts, incident response times, and outdated metrics.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"MKACyber\" rel=\"nofollow\" href=\"https://mkacyber.io/\"\u003eMKACyber\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mischel Kwon on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/mischelkwon/\"\u003eMischel Kwon on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Founder and CEO at MKACyber Mischel Kwon joins the podcast to address the state of the SOC (Security Operations Center) and how businesses should deal with issues around excessive alerts, incident response times, and outdated 
metrics.","date_published":"2018-04-26T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1acf96d7-a561-4f6f-a936-75f92e67ca7b.mp3","mime_type":"audio/mpeg","size_in_bytes":43253945,"duration_in_seconds":2342}]},{"id":"5714f72d-d6d1-4ec0-9ba7-0b5ffbd297de","title":"Rick Holland, CISO and VP of Strategy, Digital Shadows","url":"https://securityconversations.fireside.fm/rick-holland-digital-shadows","content_text":"CISO and VP of Strategy at Digital Shadows Rick Holland discusses his path in the information security industry, advancements in the threat intel space, and his passion for good bar-b-que.Links:Rick Holland on LinkedInDigital Shadows","content_html":"\u003cp\u003eCISO and VP of Strategy at Digital Shadows Rick Holland discusses his path in the information security industry, advancements in the threat intel space, and his passion for good bar-b-que.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Rick Holland on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/rick-holland-4737a93/\"\u003eRick Holland on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Digital Shadows\" rel=\"nofollow\" href=\"https://www.digitalshadows.com/\"\u003eDigital Shadows\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"CISO and VP of Strategy at Digital Shadows Rick Holland discusses his path in the information security industry, advancements in the threat intel space, and his passion for good bar-b-que.","date_published":"2018-04-24T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/5714f72d-d6d1-4ec0-9ba7-0b5ffbd297de.mp3","mime_type":"audio/mpeg","size_in_bytes":55915215,"duration_in_seconds":2134}]},{"id":"1a12e545-c1df-485c-b38f-dacd2356366d","title":"Thomas Ptacek, Founder, 
Latacora","url":"https://securityconversations.fireside.fm/tom-ptacek-latacora","content_text":"Latacora Security founder Thomas Ptacek joins the podcast to weigh in on the cybersecurity skills shortage, his approach to recruiting and hiring, and what needs to be done to address diversity in the industry.Links:Latacora -- Security Teams For Startups — Latacora does just one kind of engagement: we join your engineering team virtually and run security, for about a year. Then we help you hire someone full-time to replace us.Thomas H. Ptacek on Twitter","content_html":"\u003cp\u003eLatacora Security founder Thomas Ptacek joins the podcast to weigh in on the cybersecurity skills shortage, his approach to recruiting and hiring, and what needs to be done to address diversity in the industry.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Latacora -- Security Teams For Startups\" rel=\"nofollow\" href=\"https://latacora.com/\"\u003eLatacora -- Security Teams For Startups\u003c/a\u003e \u0026mdash; Latacora does just one kind of engagement: we join your engineering team virtually and run security, for about a year. Then we help you hire someone full-time to replace us.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Thomas H. Ptacek on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/tqbf\"\u003eThomas H. 
Ptacek on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Latacora Security founder Thomas Ptacek joins the podcast to weigh in on the cybersecurity skills shortage, his approach to recruiting and hiring, and what needs to be done to address diversity in the industry.","date_published":"2018-04-23T15:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1a12e545-c1df-485c-b38f-dacd2356366d.mp3","mime_type":"audio/mpeg","size_in_bytes":42360848,"duration_in_seconds":2918}]},{"id":"517fd50b-7794-4b77-a0f5-4c898524b014","title":"Zane Lackey, Chief Security Officer, Signal Sciences","url":"https://securityconversations.fireside.fm/zane-lackey-signal-sciences","content_text":"Co-founder and Chief Security Officer at Signal Sciences Zane Lackey riffs on DevOps, the almost impossible task of defending organizations from intruders, bug bounties versus penetration testing, and the pros and cons of launching a company with venture capital investment.Links:Zane Lackey on LinkedInSignal Sciences -The Next-Gen Web Protection Platform","content_html":"\u003cp\u003eCo-founder and Chief Security Officer at Signal Sciences Zane Lackey riffs on DevOps, the almost impossible task of defending organizations from intruders, bug bounties versus penetration testing, and the pros and cons of launching a company with venture capital investment.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Zane Lackey on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/zane-lackey-66a3404/\"\u003eZane Lackey on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Signal Sciences -The Next-Gen Web Protection Platform\" rel=\"nofollow\" href=\"https://www.signalsciences.com/\"\u003eSignal Sciences -The Next-Gen Web Protection Platform\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Co-founder and Chief Security Officer at Signal Sciences Zane Lackey 
riffs on DevOps, the almost impossible task of defending organizations from intruders, bug bounties versus penetration testing, and the pros and cons of launching a company with venture capital investment.","date_published":"2018-04-16T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/517fd50b-7794-4b77-a0f5-4c898524b014.mp3","mime_type":"audio/mpeg","size_in_bytes":42101169,"duration_in_seconds":2500}]},{"id":"21e54dc1-246e-4efb-a0dd-9cd1ab69a610","title":"Haroon Meer, CEO, Thinkst Applied Research","url":"https://securityconversations.fireside.fm/haroon-meer-thinkst-applied-research","content_text":"Thinkst founder Haroon Meer talks about building a security company from scratch without VC funding, using Canaries to pinpoint signs of intruder activity, advancements in security research, and the state of the bug bounty market.Links:Thinkst Canary - how it worksVideo : Enterprise security - A new hopeHaroon Meer on Twitter","content_html":"\u003cp\u003eThinkst founder Haroon Meer talks about building a security company from scratch without VC funding, using Canaries to pinpoint signs of intruder activity, advancements in security research, and the state of the bug bounty market.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Thinkst Canary - how it works\" rel=\"nofollow\" href=\"https://canary.tools/#how-it-works\"\u003eThinkst Canary - how it works\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Video : Enterprise security - A new hope\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=gbbq7FSPxdA\"\u003eVideo : Enterprise security - A new hope\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Haroon Meer on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/haroonmeer\"\u003eHaroon Meer on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Thinkst founder Haroon Meer talks about building a security company from 
scratch without VC funding, using Canaries to pinpoint signs of intruder activity, advancements in security research, and the state of the bug bounty market.","date_published":"2018-04-12T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/21e54dc1-246e-4efb-a0dd-9cd1ab69a610.mp3","mime_type":"audio/mpeg","size_in_bytes":49733509,"duration_in_seconds":3626}]},{"id":"76f82d6c-8983-4786-abaf-d0426dc65a4c","title":"David (int eighty), Dual Core","url":"https://securityconversations.fireside.fm/int-eighty-dual-core","content_text":"Red teamer and security researcher by day, nerdcore rapper by night, ‘int eighty’ joins the podcast to talk about his work breaking into computer systems, common security mistakes that people make, and his double life as a musician in Dual Core.Links:Dual Core / International hip hop duo","content_html":"\u003cp\u003eRed teamer and security researcher by day, nerdcore rapper by night, ‘int eighty’ joins the podcast to talk about his work breaking into computer systems, common security mistakes that people make, and his double life as a musician in Dual Core.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Dual Core / International hip hop duo\" rel=\"nofollow\" href=\"http://dualcoremusic.com/nerdcore/\"\u003eDual Core / International hip hop duo\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Red teamer and security researcher by day, nerdcore rapper by night, ‘int eighty’ joins the podcast to talk about his work breaking into computer systems, common security mistakes that people make, and his double life as a musician in Dual 
Core.","date_published":"2018-04-11T15:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/76f82d6c-8983-4786-abaf-d0426dc65a4c.mp3","mime_type":"audio/mpeg","size_in_bytes":34938743,"duration_in_seconds":2374}]},{"id":"470c2cbd-ffb9-4df1-aa97-1e70410dcc81","title":"Dennis Fisher, Editor-in-Chief, Decipher","url":"https://securityconversations.fireside.fm/dennis-fisher-decipher","content_text":"Veteran cybersecurity writer Dennis Fisher joins the podcast to talk about his new journalism venture at decipher.sc, his preference for long-form writing, and the trends worth following in the security space.Links:Dennis Fisher | Decipher — He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.Dennis Fisher on Twitter","content_html":"\u003cp\u003eVeteran cybersecurity writer Dennis Fisher joins the podcast to talk about his new journalism venture at decipher.sc, his preference for long-form writing, and the trends worth following in the security space.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Dennis Fisher | Decipher\" rel=\"nofollow\" href=\"https://duo.com/decipher/article_author/dfisher\"\u003eDennis Fisher | Decipher\u003c/a\u003e \u0026mdash; He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. 
His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dennis Fisher on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/DennisF\"\u003eDennis Fisher on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Veteran cybersecurity writer Dennis Fisher joins the podcast to talk about his new journalism venture at decipher.sc, his preference for long-form writing, and the trends worth following in the security space.","date_published":"2018-04-05T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/470c2cbd-ffb9-4df1-aa97-1e70410dcc81.mp3","mime_type":"audio/mpeg","size_in_bytes":36569236,"duration_in_seconds":2580}]},{"id":"4cddd571-1e73-4625-acb1-321bb47e706f","title":"Tim Maurer, Scholar, Carnegie Endowment for International Peace","url":"https://securityconversations.fireside.fm/tim-maurer-carnegie-endowment-for-international-peace","content_text":"Tim Maurer, a scholar at the Carnegie Endowment for International Peace, talks about nation state-backed hacking activity and the dangers of breaking trust in the global financial system.Links:Tim Maurer - Carnegie Endowment for International Peace — Tim Maurer is the co-director of the Cyber Policy Initiative and a fellow at the Carnegie Endowment for International Peace. Since 2010, his work has been focusing on cybersecurity, human rights in the digital age, and Internet governance, currently with a specific focus on cybersecurity and financial stability.Tim Maurer on TwitterCyber Mercenaries: The State, Hackers, and Power — Cyber Mercenaries explores the secretive relationships between states and hackers. As cyberspace has emerged as the new frontier for geopolitics, states have become entrepreneurial in their sponsorship, deployment, and exploitation of hackers as proxies to project power. 
Such modern-day mercenaries and privateers can impose significant harm undermining global security, stability, and human rights. ","content_html":"\u003cp\u003eTim Maurer, a scholar at the Carnegie Endowment for International Peace, talks about nation state-backed hacking activity and the dangers of breaking trust in the global financial system.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Tim Maurer - Carnegie Endowment for International Peace\" rel=\"nofollow\" href=\"http://carnegieendowment.org/experts/1086\"\u003eTim Maurer - Carnegie Endowment for International Peace\u003c/a\u003e \u0026mdash; Tim Maurer is the co-director of the Cyber Policy Initiative and a fellow at the Carnegie Endowment for International Peace. Since 2010, his work has been focusing on cybersecurity, human rights in the digital age, and Internet governance, currently with a specific focus on cybersecurity and financial stability.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tim Maurer on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/maurertim\"\u003eTim Maurer on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cyber Mercenaries: The State, Hackers, and Power\" rel=\"nofollow\" href=\"https://www.amazon.com/Cyber-Mercenaries-State-Hackers-Power/dp/110756686X/ref=redir_mobile_desktop?_encoding=UTF8\u0026amp;qid=\u0026amp;ref_=tmm_pap_title_0\u0026amp;sr=\"\u003eCyber Mercenaries: The State, Hackers, and Power\u003c/a\u003e \u0026mdash; Cyber Mercenaries explores the secretive relationships between states and hackers. As cyberspace has emerged as the new frontier for geopolitics, states have become entrepreneurial in their sponsorship, deployment, and exploitation of hackers as proxies to project power. Such modern-day mercenaries and privateers can impose significant harm undermining global security, stability, and human rights. 
\u003c/li\u003e\u003c/ul\u003e","summary":"Tim Maurer, a scholar at the Carnegie Endowment for International Peace, talks about nation state-backed hacking activity and the dangers of breaking trust in the global financial system.","date_published":"2018-03-05T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/4cddd571-1e73-4625-acb1-321bb47e706f.mp3","mime_type":"audio/mpeg","size_in_bytes":29020105,"duration_in_seconds":1951}]},{"id":"2f444967-e9fd-4c80-87eb-5ff56aee1ae4","title":"Will Lin, Principal and Founding Investor, ForgePoint Capital","url":"https://securityconversations.fireside.fm/will-lin-forgepoint-capital","content_text":"Principal and founding investor at ForgePoint Capital Cybersecurity William Lin talks about venture capital activity in the security space, sectors that are ripe for investment, missed bets on successful companies, and the cybersecurity talent shortage.Links:William Lin on LinkedInForgepoint portfolio companies","content_html":"\u003cp\u003ePrincipal and founding investor at ForgePoint Capital Cybersecurity William Lin talks about venture capital activity in the security space, sectors that are ripe for investment, missed bets on successful companies, and the cybersecurity talent shortage.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"William Lin on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/linwilliam/\"\u003eWilliam Lin on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Forgepoint portfolio companies\" rel=\"nofollow\" href=\"https://forgepointcap.com/companies/\"\u003eForgepoint portfolio companies\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Principal and founding investor at ForgePoint Capital Cybersecurity William Lin talks about venture capital activity in the security space, sectors that are ripe for investment, missed bets on successful companies, and the 
cybersecurity talent shortage.","date_published":"2018-03-02T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/2f444967-e9fd-4c80-87eb-5ff56aee1ae4.mp3","mime_type":"audio/mpeg","size_in_bytes":43759308,"duration_in_seconds":3311}]},{"id":"2561c251-a654-4949-aefe-33ad83373f80","title":"Pete Chronis, CISO, Turner Broadcasting","url":"https://securityconversations.fireside.fm/pete-chronis-turner-broadcasting","content_text":"Chief Information Security Officer at Turner Broadcasting Pete Chronis discusses his new book on solving the cybersecurity conundrum, the day-to-day grind of securing a global media organization, and the role of the CISO in the modern world.Links:The Cyber Conundrum: How Do We Fix Cybersecurity?","content_html":"\u003cp\u003eChief Information Security Officer at Turner Broadcasting Pete Chronis discusses his new book on solving the cybersecurity conundrum, the day-to-day grind of securing a global media organization, and the role of the CISO in the modern world.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"The Cyber Conundrum: How Do We Fix Cybersecurity?\" rel=\"nofollow\" href=\"https://www.amazon.com/Cyber-Conundrum-How-Fix-Cybersecurity-ebook/dp/B079WZ592P\"\u003eThe Cyber Conundrum: How Do We Fix Cybersecurity?\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Chief Information Security Officer at Turner Broadcasting Pete Chronis discusses his new book on solving the cybersecurity conundrum, the day-to-day grind of securing a global media organization, and the role of the CISO in the modern world.","date_published":"2018-02-26T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/2561c251-a654-4949-aefe-33ad83373f80.mp3","mime_type":"audio/mpeg","size_in_bytes":37506970,"duration_in_seconds":2753}]},{"id":"ab9e9c84-15c6-4f9e-b703-71dc40c23baf","title":"Brad 
Arkin, Chief Security Officer, Adobe","url":"https://securityconversations.fireside.fm/brad-arkin-adobe","content_text":"Adobe’s Chief Security Officer Brad Arkin talks about setting and managing risk management priorities, protecting company infrastructure, the challenges of securing software, and the looming death of Adobe Flash Player.Links:Brad Arkin on TwitterSecurity at Adobe","content_html":"\u003cp\u003eAdobe’s Chief Security Officer Brad Arkin talks about setting and managing risk management priorities, protecting company infrastructure, the challenges of securing software, and the looming death of Adobe Flash Player.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Brad Arkin on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/bradarkin\"\u003eBrad Arkin on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Security at Adobe\" rel=\"nofollow\" href=\"https://www.adobe.com/security.html\"\u003eSecurity at Adobe\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Adobe’s Chief Security Officer Brad Arkin talks about setting and managing risk management priorities, protecting company infrastructure, the challenges of securing software, and the looming death of Adobe Flash Player.","date_published":"2018-02-23T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/ab9e9c84-15c6-4f9e-b703-71dc40c23baf.mp3","mime_type":"audio/mpeg","size_in_bytes":44087043,"duration_in_seconds":2826}]},{"id":"a134ba7a-9727-47e7-8a46-3ba0c5d705ee","title":"Aanchal Gupta, Director of Security, Facebook","url":"https://securityconversations.fireside.fm/aanchal-gupta-facebook","content_text":"Director of Security at Facebook Aanchal Gupta joins the podcast to share her story and provide guidance for young women struggling to overcome societal obstacles.Links:Aanchal Gupta on LinkedInFacebook SecurityCybersecurity Needs 
Diversity","content_html":"\u003cp\u003eDirector of Security at Facebook Aanchal Gupta joins the podcast to share her story and provide guidance for young women struggling to overcome societal obstacles.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Aanchal Gupta on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/aanchalgupta/\"\u003eAanchal Gupta on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Facebook Security\" rel=\"nofollow\" href=\"https://www.facebook.com/security/\"\u003eFacebook Security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cybersecurity Needs Diversity\" rel=\"nofollow\" href=\"https://staysafeonline.org/blog/diversity-needed-cybersecurity-unique-experience-helps-protect-people/\"\u003eCybersecurity Needs Diversity\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Director of Security at Facebook Aanchal Gupta joins the podcast to share her story and provide guidance for young women struggling to overcome societal obstacles.","date_published":"2018-02-14T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/a134ba7a-9727-47e7-8a46-3ba0c5d705ee.mp3","mime_type":"audio/mpeg","size_in_bytes":30922718,"duration_in_seconds":2138}]},{"id":"dcd14ec8-d9f0-4245-9324-6291ad4d10a7","title":"Tom Conklin, Director of Security and Compliance, Vera Security","url":"https://securityconversations.fireside.fm/tom-conklin-vera-security","content_text":"Senior Director of Security and Compliance at Vera Security Tom Conklin talks about the pros and cons of using bug bounty programs, the challenges of managing risk in smaller companies, and why user awareness training is an ongoing headache for security administrators.Links:Vera SecurityTom Conklin on LinkedIn","content_html":"\u003cp\u003eSenior Director of Security and Compliance at Vera Security Tom Conklin talks about the pros and cons of using bug 
bounty programs, the challenges of managing risk in smaller companies, and why user awareness training is an ongoing headache for security administrators.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Vera Security\" rel=\"nofollow\" href=\"https://www.vera.com/\"\u003eVera Security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tom Conklin on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/tom-conklin-b4037713/\"\u003eTom Conklin on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Senior Director of Security and Compliance at Vera Security Tom Conklin talks about the pros and cons of using bug bounty programs, the challenges of managing risk in smaller companies, and why user awareness training is an ongoing headache for security administrators.","date_published":"2018-02-08T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/dcd14ec8-d9f0-4245-9324-6291ad4d10a7.mp3","mime_type":"audio/mpeg","size_in_bytes":30629828,"duration_in_seconds":2008}]},{"id":"11a6011e-7ad8-418f-a302-37a700a11d45","title":"John Terrill, CISO, Fox News, Fox Business and Fox Television","url":"https://securityconversations.fireside.fm/john-terrill-fox-news","content_text":"Chief Information Security Officer at Fox News, Fox Business, and Fox Television John Terrill joins the podcast to talk about life in the CISO trenches and makes a bold prediction that could significantly change the cybersecurity narrative.Links:John Terrill on Twitter","content_html":"\u003cp\u003eChief Information Security Officer at Fox News, Fox Business, and Fox Television John Terrill joins the podcast to talk about life in the CISO trenches and makes a bold prediction that could significantly change the cybersecurity narrative.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"John Terrill on Twitter\" rel=\"nofollow\" 
href=\"https://twitter.com/youbetyourballs\"\u003eJohn Terrill on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Chief Information Security Officer at Fox News, Fox Business, and Fox Television John Terrill joins the podcast to talk about life in the CISO trenches and makes a bold prediction that could significantly change the cybersecurity narrative.","date_published":"2018-02-06T14:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/11a6011e-7ad8-418f-a302-37a700a11d45.mp3","mime_type":"audio/mpeg","size_in_bytes":41862607,"duration_in_seconds":2835}]},{"id":"6fc1d3cb-e930-484f-84e6-8c521ddb9e97","title":"Christopher Ahlberg, CEO, Recorded Future","url":"https://securityconversations.fireside.fm/christopher-ahlberg-recorded-future","content_text":"Co-founder and CEO of Recorded Future Christopher Ahlberg discusses the emergence of threat intelligence as a valuable security tool, the morals and ethics surrounding disclosure of nation-state attacks and the importance of tracking adversaries beyond the wall.Links:Recorded FutureChristopher Ahlberg on LinkedIn","content_html":"\u003cp\u003eCo-founder and CEO of Recorded Future Christopher Ahlberg discusses the emergence of threat intelligence as a valuable security tool, the morals and ethics surrounding disclosure of nation-state attacks and the importance of tracking adversaries beyond the wall.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Recorded Future\" rel=\"nofollow\" href=\"https://www.recordedfuture.com/\"\u003eRecorded Future\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Christopher Ahlberg on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/christopherahlberg/\"\u003eChristopher Ahlberg on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Co-founder and CEO of Recorded Future Christopher Ahlberg discusses the emergence of threat intelligence 
as a valuable security tool, the morals and ethics surrounding disclosure of nation-state attacks and the importance of tracking adversaries beyond the wall.","date_published":"2018-01-30T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/6fc1d3cb-e930-484f-84e6-8c521ddb9e97.mp3","mime_type":"audio/mpeg","size_in_bytes":33265132,"duration_in_seconds":1743}]},{"id":"fa20320a-7a94-45b5-b054-bbe06d3b723b","title":"Masha Sedova, co-founder, Elevate Security","url":"https://securityconversations.fireside.fm/masha-sedova-elevate-security","content_text":"As businesses struggle with security awareness training for employees, Elevate Security co-founder Masha Sedova argues that the focus should be on “behavior change” and recommends the use of positive motivation and available tools to get employees to make better security decisions.Links:Masha Sedova on LinkedInHacker's Mind by Elevate SecurityMasha Sedova on Twitter","content_html":"\u003cp\u003eAs businesses struggle with security awareness training for employees, Elevate Security co-founder Masha Sedova argues that the focus should be on “behavior change” and recommends the use of positive motivation and available tools to get employees to make better security decisions.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Masha Sedova on LinkedIn\" rel=\"nofollow\" href=\"https://www.linkedin.com/in/msedova/\"\u003eMasha Sedova on LinkedIn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Hacker\u0026#39;s Mind by Elevate Security\" rel=\"nofollow\" href=\"https://elevatesecurity.com/hackers-mind/\"\u003eHacker\u0026#39;s Mind by Elevate Security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Masha Sedova on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/modMasha\"\u003eMasha Sedova on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"As businesses struggle with security 
awareness training for employees, Elevate Security co-founder Masha Sedova argues that the focus should be on “behavior change” and recommends the use of positive motivation and available tools to get employees to make better security decisions.","date_published":"2018-01-26T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/fa20320a-7a94-45b5-b054-bbe06d3b723b.mp3","mime_type":"audio/mpeg","size_in_bytes":33579206,"duration_in_seconds":1803}]},{"id":"476c43ff-be49-4057-b965-928abc39b9af","title":"Paul Roberts, Editor-in-Chief, Security Ledger","url":"https://securityconversations.fireside.fm/paul-roberts-security-ledger","content_text":"Veteran security journalist Paul Roberts talks about the creation of Security Ledger, his work covering cybersecurity, the democratization of media, and hiccups with IoT legislation.Links:The Security LedgerPaul Roberts on Twitter","content_html":"\u003cp\u003eVeteran security journalist Paul Roberts talks about the creation of Security Ledger, his work covering cybersecurity, the democratization of media, and hiccups with IoT legislation.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"The Security Ledger\" rel=\"nofollow\" href=\"https://securityledger.com/\"\u003eThe Security Ledger\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Paul Roberts on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/paulfroberts\"\u003ePaul Roberts on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Veteran security journalist Paul Roberts talks about the creation of Security Ledger, his work covering cybersecurity, the democratization of media, and hiccups with IoT 
legislation.","date_published":"2018-01-19T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/476c43ff-be49-4057-b965-928abc39b9af.mp3","mime_type":"audio/mpeg","size_in_bytes":47164187,"duration_in_seconds":2459}]},{"id":"25fade91-a24d-4173-9831-ddf30dc0d051","title":"Dino Dai Zovi, co-founder and CTO, Capsule8","url":"https://securityconversations.fireside.fm/dino-dai-zovi-capsule8","content_text":"Dino Dai Zovi, co-founder and CTO of Capsule8, joins the podcast to talk about the fallout from the Meltdown and Spectre vulnerabilities, the transition from security research to managing a VC-funded start-up and reminisce about his time as a famous Pwn2Own MacBook hacker.Links:Part One: Detecting Meltdown using Capsule8Part Two: Detecting Meltdown and Spectre by Detecting Cache Side Channels 10 questions for MacBook hacker Dino Dai ZoviDino Dai Zovi on Twitter","content_html":"\u003cp\u003eDino Dai Zovi, co-founder and CTO of Capsule8, joins the podcast to talk about the fallout from the Meltdown and Spectre vulnerabilities, the transition from security research to managing a VC-funded start-up and reminisce about his time as a famous Pwn2Own MacBook hacker.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Part One: Detecting Meltdown using Capsule8\" rel=\"nofollow\" href=\"https://capsule8.com/blog/detecting-meltdown-using-capsule8/\"\u003ePart One: Detecting Meltdown using Capsule8\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Part Two: Detecting Meltdown and Spectre by Detecting Cache Side Channels \" rel=\"nofollow\" href=\"https://capsule8.com/blog/detecting-meltdown-spectre-detecting-cache-side-channels/\"\u003ePart Two: Detecting Meltdown and Spectre by Detecting Cache Side Channels \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"10 questions for MacBook hacker Dino Dai Zovi\" rel=\"nofollow\" 
href=\"https://www.zdnet.com/article/10-questions-for-macbook-hacker-dino-dai-zovi/\"\u003e10 questions for MacBook hacker Dino Dai Zovi\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dino Dai Zovi on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/dinodaizovi\"\u003eDino Dai Zovi on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Dino Dai Zovi, co-founder and CTO of Capsule8, joins the podcast to talk about the fallout from the Meltdown and Spectre vulnerabilities, the transition from security research to managing a VC-funded start-up and reminisce about his time as a famous Pwn2Own MacBook hacker.","date_published":"2018-01-11T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/25fade91-a24d-4173-9831-ddf30dc0d051.mp3","mime_type":"audio/mpeg","size_in_bytes":38280103,"duration_in_seconds":2397}]},{"id":"0a1d0429-f768-4175-8f48-9416cb420157","title":"Sharon Anolik, President and Founder, Privacy Panacea","url":"https://securityconversations.fireside.fm/sharon-anolik-privacy-panacea","content_text":"Sharon Anolik, President and Founder of Privacy Panacea, talks about her work advising corporate clients on privacy and data protection issues, the looming chaos surrounding the European Union’s GDPR (General Data Protection Regulation) and the role she plays on ‘Silicon Valley.’Links:Privacy PanaceaSharon Anolik on Twitter","content_html":"\u003cp\u003eSharon Anolik, President and Founder of Privacy Panacea, talks about her work advising corporate clients on privacy and data protection issues, the looming chaos surrounding the European Union’s GDPR (General Data Protection Regulation) and the role she plays on ‘Silicon Valley.’\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Privacy Panacea\" rel=\"nofollow\" href=\"https://www.privacypanacea.com/\"\u003ePrivacy Panacea\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca 
title=\"Sharon Anolik on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/PrivacyPanacea\"\u003eSharon Anolik on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Sharon Anolik, President and Founder of Privacy Panacea, talks about her work advising corporate clients on privacy and data protection issues, the looming chaos surrounding the European Union’s GDPR (General Data Protection Regulation) and the role she plays on ‘Silicon Valley.’","date_published":"2018-01-04T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/0a1d0429-f768-4175-8f48-9416cb420157.mp3","mime_type":"audio/mpeg","size_in_bytes":48156317,"duration_in_seconds":2631}]},{"id":"bf98d79b-204e-4a5f-9418-75c5b554a26e","title":"Kim Zetter, Journalist and Author","url":"https://securityconversations.fireside.fm/kim-zetter","content_text":"Award-winning security journalist and author Kim Zetter talks about her work tracking cyber-espionage campaigns, why she uses an old school cassette player to record sensitive interviews and the dramatic changes sweeping the security industry.Links:Kim Zetter on TwitterCountdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon: Kim Zetter: 9780770436193: Amazon.com: BooksWas Georgia’s Election System Hacked in 2016? 
Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States ","content_html":"\u003cp\u003eAward-winning security journalist and author Kim Zetter talks about her work tracking cyber-espionage campaigns, why she uses an old school cassette player to record sensitive interviews and the dramatic changes sweeping the security industry.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Kim Zetter on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/KimZetter\"\u003eKim Zetter on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Countdown to Zero Day: Stuxnet and the Launch of the World\u0026#39;s First Digital Weapon: Kim Zetter: 9780770436193: Amazon.com: Books\" rel=\"nofollow\" href=\"https://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/0770436196\"\u003eCountdown to Zero Day: Stuxnet and the Launch of the World\u0026#39;s First Digital Weapon: Kim Zetter: 9780770436193: Amazon.com: Books\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Was Georgia’s Election System Hacked in 2016? \" rel=\"nofollow\" href=\"https://www.politico.com/magazine/story/2018/07/18/mueller-indictments-georgia-voting-infrastructure-219018\"\u003eWas Georgia’s Election System Hacked in 2016? 
\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States \" rel=\"nofollow\" href=\"https://motherboard.vice.com/en_us/article/mb4ezy/top-voting-machine-vendor-admits-it-installed-remote-access-software-on-systems-sold-to-states\"\u003eTop Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States \u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Award-winning security journalist and author Kim Zetter talks about her work tracking cyber-espionage campaigns, why she uses an old school cassette player to record sensitive interviews and the dramatic changes sweeping the security industry.","date_published":"2017-12-29T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/bf98d79b-204e-4a5f-9418-75c5b554a26e.mp3","mime_type":"audio/mpeg","size_in_bytes":56197391,"duration_in_seconds":3126}]},{"id":"66709e24-8186-4569-921c-d9b48756d089","title":"Kelly Jackson Higgins, Executive Editor, Dark Reading","url":"https://securityconversations.fireside.fm/kelly-jackson-higgins-dark-reading","content_text":"Dark Reading executive editor Kelly Jackson Higgins joins the podcast to tell security journalism war stories, talk about her new WiFi-enabled refrigerator and some trends worth following closely.Links:Kelly Jackson Higgins on TwitterDark Reading","content_html":"\u003cp\u003eDark Reading executive editor Kelly Jackson Higgins joins the podcast to tell security journalism war stories, talk about her new WiFi-enabled refrigerator and some trends worth following closely.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Kelly Jackson Higgins on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/kjhiggins\"\u003eKelly Jackson Higgins on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dark Reading\" rel=\"nofollow\" 
href=\"https://www.darkreading.com/\"\u003eDark Reading\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Dark Reading executive editor Kelly Jackson Higgins joins the podcast to tell security journalism war stories, talk about her new WiFi-enabled refrigerator and some trends worth following closely.","date_published":"2017-12-20T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/66709e24-8186-4569-921c-d9b48756d089.mp3","mime_type":"audio/mpeg","size_in_bytes":35129760,"duration_in_seconds":2395}]},{"id":"1bdec75a-1efc-454a-ad6b-8f56c2b526b7","title":"Katie Moussouris, co-founder and CEO, Luta Security","url":"https://securityconversations.fireside.fm/katie-moussouris-luta-security","content_text":"Computer security researcher and CEO of Luta Security, Katie Moussouris, talks about her life in the penetration testing trenches, advocating responsible security research, building bug bounty programs and the challenges of succeeding as a woman in the industry.Links:Luta SecurityHow I Got Here: Katie MoussourisIt’s dangerous to conflate bug bounties and vulnerability disclosure | CSO OnlineKatie Moussouris (@k8em0) on Twitter","content_html":"\u003cp\u003eComputer security researcher and CEO of Luta Security, Katie Moussouris, 
talks about her life in the penetration testing trenches, advocating responsible security research, building bug bounty programs and the challenges of succeeding as a woman in the industry.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Luta Security\" rel=\"nofollow\" href=\"http://lutasecurity.com/\"\u003eLuta Security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How I Got Here: Katie Moussouris\" rel=\"nofollow\" href=\"https://threatpost.com/how-i-got-here-katie-moussouris/102784/\"\u003eHow I Got Here: Katie Moussouris\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"It’s dangerous to conflate bug bounties and vulnerability disclosure | CSO Online\" rel=\"nofollow\" href=\"https://www.csoonline.com/article/3271088/security/katie-moussouris-its-dangerous-to-conflate-bug-bounties-and-vulnerability-disclosure.html\"\u003eIt’s dangerous to conflate bug bounties and vulnerability disclosure | CSO Online\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Katie Moussouris (@k8em0) on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/k8em0\"\u003eKatie Moussouris (@k8em0) on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Computer security researcher and CEO of Luta Security, Katie Moussouris, talks about her life in the penetration testing trenches, advocating responsible security research, building bug bounty programs and the challenges of succeeding as a woman in the industry.","date_published":"2017-12-06T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/5f0c01ff-49f1-4c51-a8f8-f14c0d9bc72e/1bdec75a-1efc-454a-ad6b-8f56c2b526b7.mp3","mime_type":"audio/mpeg","size_in_bytes":54354347,"duration_in_seconds":3174}]}]}