In the Security News this week, Google Chrome has a critical vulnerability, Flash has another zero-day exploit, Colorado passes “most stringent” breach notification law, hackers hack a plane from the ground.

Full Show Notes: https://wiki.securityweekly.com/Episode563 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Jake Reynolds is the Technology Alliances Engineer at LogRhythm, where he is responsible for supporting the development and management of the company’s integrations with third-party technology providers.

Full Show Notes: https://wiki.securityweekly.com/Episode563 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

In the news, Infoblox research finds explosion of personal and IoT devices, Qualys announces letter of intent to acquire second front systems, Fortinet acquires Bradford Networks, Tenable extends cloud application security scanning capabilities, and more on this episode of Enterprise Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode94

Visit http://securityweekly.com/esw for all the latest episodes!

In Tracking Security Innovation, Microsoft to acquire GitHub for $7.5B, Thoma Bravo acquired LogRhythm for undisclosed, KnowBe4 acquired exploqii for undisclosed, Signifyd raised $100M Series D, Cyberbit raised $30M in an equity round, and more!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode87

Visit http://securityweekly.com/category/ssw for all the latest episodes!

In the news, how other companies are responding to GDPR, Oracle plans to drop Java Serialization Port, Microsoft acquires GitHub, the percentage of open source code in proprietary apps is rising, & more on this episode of Application Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode18 Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Paul and John welcome Adrian Sanabria, Director of Research for Savage Security; Dave Kennedy, Founder of TrustedSec, Binary Defense, and DerbyCon; and Security Weekly's very own Jeff Man! Paul and John have a group discussion with Adrian, Jeff, and Dave on Penetration Testing!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode94

Visit http://securityweekly.com/esw for all the latest episodes!

Jonathan Pritchard is a business consultant specializing in the psychology of communication, negotiation, influence, and sales. Previously he spent 15 years traveling the world as a mentalist, and currently he works with companies like Disney, Universal, State Farm Insurance, and more helping them engage their audiences.

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode87

Visit http://securityweekly.com/category/ssw for all the latest episodes!

This week, Keith and Paul discuss what the difference is between Agile, CI/CD, and DevOps! Agile is focused on processed, highlighting change, all while accelerating delivery. CI/CD focuses on software-defined life cycles, highlighting tools, all that emphasize automation. DevOps focuses on culture, highlighting roles that emphasize responsiveness.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode18 Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Dozens of vulnerabilities discovered in DoD's enterprise travel system, what Apple hiding with iOS 11.4, Git repository vulnerability leds to remote code execution attacks, and feeling for Kaspersky.

Full Show Notes: https://wiki.securityweekly.com/Episode562 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Christian Hamer is the Chief Information Security Officer at Harvard University. Christian leads the University's information security program, which includes oversight of the University-wide information security policy.

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode87

Visit http://securityweekly.com/category/ssw for all the latest episodes!

Chris is a full time husband, father of four, and pen tester; he's a part time Army officer, an aspiring SANS instructor, and the back-up church bass player. Lee Ford spent 2yrs in Information security as the DCOE Assnt Team Chief. Was the lead Project Officer for the stand up of the MA Cyber Battalion.

Full Show Notes: https://wiki.securityweekly.com/Episode562 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Ronnie Flathers is an experienced pentester and security consultant who is equally addicted to both netsec and appsec and splits his time appropriately. He currently is the AppSec Pentest Lead at Uptake. Ronnie joins Paul and the crew this week for an interview!

Full Show Notes: https://wiki.securityweekly.com/Episode562 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

In the news, Malwarebytes completes deal to acquire Binisoft, Lastline tackles advanced malware threats, Duo Security names Veteran marketing Leader, Neville Letzerich as Chief Marketing Officer, InAuth launches enhanced secure Two-Factor Auth solution, and more on this episode of Enterprise Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode93

Visit http://securityweekly.com/esw for all the latest episodes!

Eric Bednash is the CEO and co-founder of RackTop Systems. Jonathan Halstuch is the Chief Technology Officer and co-founder of RackTop Systems. Eric and Jonathan joins Paul and John this week for an interview!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode93

Visit http://securityweekly.com/esw for all the latest episodes!

In the news, what will GDPR's impact be on U.S. consumer privacy, DOJ Sinkholes VPNfilter control servers found in U.S., the most important characteristics of a successful DevOps engineer, FBI seizes domain Russia allegedly used to infect 500,000 consumer routers, Florida man tasered after walking naked through neighborhood carrying cooking oil, and more on this episode of Paul’s Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/Episode561 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Sven Morgenroth is a security researcher at Netsparker. He found filter bypasses for Chrome's XSS auditor and several web application firewalls. He likes to exploit vulnerabilities in creative ways and has hacked his smart TV without even leaving his bed. Sven writes about web application security and documents his research on the Netsparker blog. Why it’s dangerous to put sensitive information to your javascript files. Way developers hide secret variables.

Full Show Notes: https://wiki.securityweekly.com/Episode561 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Steven M. Bellovin is the Percy K. and Vidal L. W. Hudson Professor of Computer Science at Columbia University, member of the Cybersecurity and Privacy Center of the university's Data Science Institute, and an affiliate faculty member at Columbia Law School. He does research on security and privacy and on related public policy issues. Steven joins Paul and the crew this week for an interview!

Full Show Notes: https://wiki.securityweekly.com/Episode561 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

In the news,Blueliv boosts its cyber-threat intelligence platform, Skybox partners with Exclusive Networks, Global Scheduling and Automation Software Market 2018 IBM, BMC Software, CA Technologies, VMware Cherry Grrl, McAfee developing security solutions for digital wallets, and more on this episode of Enterprise Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode92

Visit http://securityweekly.com/esw for all the latest episodes!

John gives a Technical Segment this week entitled "Building A Purple Team". He talks about different MITRE Tools.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode92

Visit http://securityweekly.com/esw for all the latest episodes!

In Tracking Security Innovation, Capital One acquired Confyrm, TransUnion acquired Iovation, Auth0 raised $55M Series D, Tanium raised $175M in equity, Cisco forming New Venture Fund, and more!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode86

Visit http://securityweekly.com/category/ssw for all the latest episodes!

In the news, the entire Nest ecosystem of smart home devices goes offline, how Alphabet plans to keep hackers away from this year's election, the Node.js Ecosystem is chaotic and insecure, open-source vulnerabilities plague enterprise codebase systems, & more on this episode of Application Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode1

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Terry Mason is the Head of Information Risk & Technology Governance at a global multi-strategy hedge fund with 15+ years of experience in information security, technology governance, technology infrastructure, and project management.

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode86

Visit http://securityweekly.com/category/ssw for all the latest episodes!

James is the creator and founder of the Lonestar Application Security Conference which is the largest annual security conference in Austin, TX. He also runs DevOps Days Austin and is on the global DevOps Days board. He also holds several security certifications including CISSP and GWAPT. He joins Keith and Paul this week for an interview! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode1

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Google Project Zero call Windows 10 Edge Defense ACG flawed, Wapiti Web Application vulnerability scanner 3.0.1 packet storm, CIA's "Vault 7" Mega-Leak, and Trump eliminates national cyber-coordinator!

Full Show Notes: https://wiki.securityweekly.com/Episode560 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Corey Thuen is a founder of Gravwell and has spent over a decade in ICS (OT), IT, and IoT security. Kristopher Watts is a founder of Gravwell and has spent over a decade in large scale Emulytics, virtualization, ICS, and embedded security.

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode86

Visit http://securityweekly.com/category/ssw for all the latest episodes!