Paul's Security Weekly TV

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
Now displaying: Category: Application Security Weekly
Dec 6, 2018

Hackers are opening SMB ports on routers to infect PCs with NSA malware, bug detectives whip up smarter version of classic AFL fuzzer to hunt code vulnerabilities, malware & rogue users can spy on some apps' HTTPS crypto, exploiting developer infrastructure is insanely easy, the state of JavaScript, Amazon announces Firecracker, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode42 Follow us on Twitter: https://www.twitter.com/securityweekly

Dec 5, 2018

Aleksei Tiurin is the Senior Security Researcher for Acunetix. He is performing a technical segment on reverse proxies using WebLogic, Tomcat, and Nginx.

To learn more about Acunetix, go to: www.acunetix.com/securityweekly

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode42 Follow us on Twitter: https://www.twitter.com/securityweekly

Nov 29, 2018

Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers, second WordPress hacking campaign underway, USPS took a year to fix a vulnerability that exposed all 60 million users' data, this JavaScript can snoop on other Browser Tabs to work out what you're visiting, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41 Follow us on Twitter: https://www.twitter.com/securityweekly

Nov 28, 2018

Brent Dukes is a hacker, and Director of Information Security for an established manufacturing company. He joins Keith and Paul this week to talk about WAFs, Pentesting, Burp Suite, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41 Follow us on Twitter: https://www.twitter.com/securityweekly

Nov 20, 2018

Instagram leaks passwords to the public, Clickjacking on Google MyAccount Worth $7,500, James Wickett's thread on Open Source SAST options, an advanced search tool for sensitive information stored in GitHub repos, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode40 Follow us on Twitter: https://www.twitter.com/securityweekly

Nov 19, 2018

Previously co-founder and head of product at Layered Insight, John now leads container security engineering at Qualys after its acquisition of Layered Insight. John talks about Qualys' Container Security, which provides centralized, continuous discovery and tracking for containers and images.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode40 Follow us on Twitter: https://www.twitter.com/securityweekly

Nov 15, 2018

Brian Kelly is Head of Conjur Engineering at CyberArk, where he focuses on creating products that add much-needed security and identity management to the landscape of DevOps tools and cloud systems.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode39

To learn more about Conjur, go to: www.conjur.org/asw

Follow us on Twitter: https://www.twitter.com/securityweekly

Nov 14, 2018

DJI Drone Vulnerability, Hackers are increasingly destroying logs to hide attacks, Adobe ColdFusion servers under attack from APT group, understanding Open Source Code use in your business, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode39 Follow us on Twitter: https://www.twitter.com/securityweekly

Nov 8, 2018

In the Application Security News, a nasty DHCPv6 packet can Pwn vulnerable Linux Boxes, 'Stalkerware' website let anyone intercept texts of tens of thousands of people, twelve malicious Python libraries found and removed from PyPI, the U.S. Department of Defense Guide for "Detecting Agile BS", and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode38 Follow us on Twitter: https://www.twitter.com/securityweekly

Nov 7, 2018

Daniel Cuthbert is the Global Head of Security Research for Banco Santander. He joins Keith and Paul this week for an interview!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode38 Follow us on Twitter: https://www.twitter.com/securityweekly

Nov 1, 2018

Millions of passengers affected by Cathay Pacific Airline Hack, China has been hijacking the internet backbone of Western countries, how proficient are developers at fixing Application Security flaws, WordPress team working to wipe out older versions from existence on the Internet, MikroTik Router Bug is as bad as it gets, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode37 Follow us on Twitter: https://www.twitter.com/securityweekly

Oct 31, 2018

Keith, Paul, and Johnny Xmas discuss airport security, penetration testing, the top 5 payment apps, and DevOps infused conversation!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode37 Follow us on Twitter: https://www.twitter.com/securityweekly

Oct 25, 2018

Hackers hide Cryptocurrency malware in Adobe flash updates, the government is finally rolling out 2 Factor Authentication for Federal Agency Domains, and Disney is helping women from across their company to become Developers!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode36 Follow us on Twitter: https://www.twitter.com/securityweekly

Oct 24, 2018

Paul and April Wright discuss a jQuery Plugin that has been exploited for years and is finally getting patched, a flaw in LibSSH that leaves thousands of servers at risk, and a remote code implantation flaw found in Medtronic Cardiac Programmers.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode36 Follow us on Twitter: https://www.twitter.com/securityweekly

Oct 16, 2018

Garrett Gross received his first modem at age six and has been plugged in ever since. Today, Garrett is a Senior Solutions Engineer with a specialization in application security at Rapid7. He serves as an escalation layer to the applied engineering department, provides technical enablement, and facilitates cross-departmental functionality. Garrett joins Keith and Paul this week for an interview!

 

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode35

Visit https://www.securityweekly.com/asw for all the latest episodes!

www.rapid7.com/securityweekly

Follow us on Twitter: https://www.twitter.com/securityweekly

Oct 16, 2018

In the Application Security News, Git Project patches Remote Code Execution Vulnerability, Google is Shutting Down Google+ after 500k accounts potentially affected by a data breach, Facebook wants people to invite its cameras into their homes, GitHub introduces user blocking notifications, DevOps producing more insecure apps than ever, Climate Change being taught on Fortnite Twitch stream, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode35

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Oct 4, 2018

Facebook discloses the loss of at least 50M Access Tokens (also covered by Motherboard), Formjacking is on the rise, Google admits to allowing hundreds of companies to read your email, Firefox Monitor will alert you when your accounts have been Pwned, Microsoft releases MS-DOS v1.25 and v2.0 as Open Source, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode34 Follow us on Twitter: https://www.twitter.com/securityweekly

Oct 3, 2018

Attend local meetups and conferences, practice your coding skills, get educated by World Class security researchers, do your homework, there's no substitute for Practice, OWASP Juice Shop, and much more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode34 Follow us on Twitter: https://www.twitter.com/securityweekly

Sep 27, 2018

In the Application Security News, Hackers stole customer credit cards in Newegg data breach, John Hancock now requires monitoring bracelets to buy insurance, the man who broke Ticketmaster, new security settings available in iOS 12, State Department confirms data breach exposed employee data, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode33

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Sep 26, 2018

Ron started his cybersecurity career as a network penetration tester for the NSA, and is the Founder of Tenable and Gula Tech Adventures. He joins Keith and April for an interview to talk about security in the upcoming elections, how to maintain separation of duties, attack simulation, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode33

Follow us on Twitter: https://www.twitter.com/securityweekly

Sep 20, 2018

Alpine Linux hit with bug that can lead to Poisoned Containers, data breaches affect stock performance in the long run, Bluebox-ng, a Node.js VoIP pentesting framework, and CommitStrip: It's Not an App!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode32 Follow us on Twitter: https://www.twitter.com/securityweekly

Sep 19, 2018

Keith Hoodlet and Paul Asadoorian interview April Wright. They discuss people connected by apps, workplace reward systems, and the importance of building/practicing the process before documenting it.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode32 Follow us on Twitter: https://www.twitter.com/securityweekly

Sep 13, 2018

U.S. Government releases post-mortem on Equifax, MacOS security baseline script by Jerry Gamblin, Equifax mega-breach and nothing has changed, Docker hacking challenge, and Bug Bounties and mental health.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode31 Follow us on Twitter: https://www.twitter.com/securityweekly

Sep 12, 2018

Zane Lackey is the Founder/Chief Security Officer at Signal Sciences. Zane Lackey explains how the security industry needs to shift left when it comes to applications and patching.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode31 Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 30, 2018

In the Application Security News, 'Fortnite' developer had sharp words for Google after an Exploit was discovered, PHP flaw puts WordPress sites at risk, Oracle will charge for Java starting in 2019, how Netflix does Failovers in 7 minutes flat, hacking Black Hat, Burp Suite 2.0 Beta released, Windows 95 running in Electron, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30 Follow us on Twitter: https://www.twitter.com/securityweekly
