Bengtson and Leif Dreizler as they dive into the latest trends and insights in the world of cybersecurity.
Highlights:
🤖 AI's Impact on Security: A deep dive into how AI and LLMs are transforming the security landscape, including the potential for better code and the changing dynamics of security jobs.
❄️ Snowflake's MFA Changes: Discussion on Snowflake's proactive measures following data breaches and the importance of shared responsibility in security.
📬 Email Spoofing Attack: An analysis of a clever DKIM replay attack that exploited Google’s email systems.
☠️ Malicious Uses of AI: Insights from Anthropic's blog on how AI is being misused for influence campaigns and malware generation.
💻 SCIM Security: A look at the DoyenSec article on SCIM vulnerabilities and the importance of secure provisioning in SSO.
Tune in for an engaging conversation filled with expert opinions, practical advice, and a few laughs along the way! Don't forget to like and subscribe!
🎙️Welcome to episode 27! In this episode, we dive into the latest security news and insights with your hosts,Travis McPeak, Will Bengtson and Leif Dreizler.
Highlights:
🚨 Insider threats are real! Join us as we discuss a wild corporate espionage case between Deal and Rippling. You won’t believe what happened!
💰 Google just dropped $32 billion on Wiz! What does this mean for the future of cloud security?
🛻 Jaguar Land Rover Data Breach: A ransomware attack reveals vulnerabilities in credential management and the importance of dark web monitoring.
🕵️♂️ Ever heard of LLM poisoning? We’re exploring how misinformation is affecting AI models.
💸Crypto Heist Analysis: A deep dive into the SafeWallet heist, examining the operational security mistakes made by the attackers.
Join us as we break down this week’s biggest security stories, so you don’t have to. Don't forget to like and subscribe!
🎙️ We’re back with another exciting episode of our podcast, where we dive into the latest trends and stories in the world of security! In this episode, Travis McPeak and Will Bengtson welcome our special guest, Misha Kuenstner, a Security Engineering Manager at Semgrep.
We cover a range of topics, including:
🛌 A deep dive into a recent security vulnerability involving Eight Sleep covers, where researchers discovered alarming access issues.
🥒 The implications of Hugging Face models being susceptible to local execution due to the use of Python's Pickle serialization.
🛡️ Insights from the first-ever State of Detection Engineering report, highlighting the evolving skills needed in detection and response.
☁️ A discussion on the recent CVE related to unauthenticated username enumeration in AWS and its impact on cloud security.
✉️ Google's announcement to replace SMS authentication with QR codes for Gmail, aiming to enhance security.
Tune in to hear our thoughts, insights, and recommendations on these pressing security issues. Don't forget to like, subscribe, and hit the notification bell for more episodes!
🎙️Join us for another episode of the 404:Security Not Found podcast! This week, Travis McPeak, Swathi Joshi and Will Bengtson discuss the latest trends in cybersecurity, including Microsoft's push towards a passwordless future and the implications of AI in spear phishing attacks.
In this episode, we cover:
🛡️ Microsoft's significant changes impacting over a billion users as they move towards a passwordless future.
🤖 A report from Malwarebytes on AI-powered spear phishing attacks and their alarming effectiveness.
The discovery of a malicious NPM package and the ongoing challenges of package squatting.
The recent pardon of Silk Road creator Ross Ulbricht and its implications.
A fascinating discussion on canaries in cybersecurity and their maturity model.
💔 A heartbreaking story of a woman scammed out of her life savings through a deepfake scam involving a fake Brad Pitt.
Don't forget to like and subscribe for more episodes!
Thanks for listening!
🎙️Welcome to this episode of 404 Security Not Found. This week, our hosts—Travis McPeak, Leif Dreizler, Swathi Joshi and Will Bengtson cover the following topics:
🛡️ Security Fix Campaigns: Discover how campaigns help address security misconfigurations efficiently for developers.
⛽ ExxonMobil Hacking Case: Discuss the FBI’s investigation into a hacking operation by an ExxonMobil consultant and its implications on corporate espionage.
🏛️ Government-Recommended Encryption: Following a breach by Chinese actors, we highlight the need for encrypted messaging apps like WhatsApp and Signal.
🤖 AI in Security: Learn how AI is enhancing vulnerability discovery in software development.
☁️ AWS re:Invent Highlights: Explore new features such as Resource Control Policies aimed at boosting cloud security.
🖥️ Us-east-1.com Case: Hear about the surprising traffic and questions on DNS security that arose from the registration of us-east-1.com.
💰 AI Agent Challenge: Examine the FRESA project, where participants try to persuade an AI to transfer funds, raising cybersecurity implications.
Join us for insightful discussions, humor, and expert opinions. Subscribe for more episodes and share your comments below!
Join us for an exciting episode of our podcast as we explore the latest trends in cybersecurity! This week, our usual hosts—Travis McPeak, Leif Dreizler, Swathi Joshi and Will Bengtson—cover key topics including:
🚙 Hacking Kias: We discuss a vulnerability that allows remote takeover of Kia vehicles via license plate numbers.
🚨 Air Gap Breaches: Learn about the Golden Jackal group’s breach of air-gapped government systems in Europe using custom malware.
🚀 Future of AppSec: Insights from Anshuman at Lyft on integrating LLMs and AI in application security workflows.
🛡️ Building a Security Culture: Jeevan Singh from Rippling shares crucial strategies for effective application security programs.
📉 Datadog's Cloud Security Report: An analysis of alarming trends in long-lived credentials and their impact on security incidents.
🤖 AI and Music Streaming Fraud: Discover how a man exploited AI for streaming royalties, leading to serious legal issues.
Tune in for our insights on these pressing cybersecurity topics. Don't forget to like, subscribe!
🎙️Please join Travis McPeak, Leif Dreizler, and Will Bengtson for the latest podcast episode.
🚀 RCE and the .Mobi TLD: Researchers spend $20 for remote code execution, nearly obtaining a Microsoft certificate.
🚨 LinkedIn’s Security Posture Management: Learn about LinkedIn’s AI-driven insights for improved security.
🤖 Government Botnet Takedown: We explore the recent botnet takedown by Chinese hackers.
💰 MasterCard Acquires Recorded Future: Discussing the $2.65 billion acquisition and its impact on threat intelligence.
🛡️ Secure by Design: The importance of integrating security into systems from the start.
📉 Hard Truths in Security: Exploring the realities of security as a cost center and human vulnerability factors.
Subscribe and follow! Catch you next time! 🎧✨
Enjoy the show!
🎙️Please join Travis McPeak, Leif Dreizler, Swathi Joshi, and Will Bengtson for the latest podcast episode.
🎧 In this latest episode, they discuss a range of topics from airport security bypass via SQL injection to threat modeling for enterprise AI search tools. Plus, a deep dive into recent data breaches and security vulnerabilities.
🔒 Tune in to hear lively discussions and expert insights on all things cybersecurity.
🎙️Check out this podcast episode featuring hosts Travis McPeak, Will Bengtson, Swathi Joshi, and special guest Daniel Miessler. They chat about many cybersecurity topics, including Microsoft's Recall feature, AI-based attacks on language models, and the Snowflake saga. They get into the nitty-gritty of how these technologies affect privacy, security, and the hurdles in the cybersecurity world. Plus, the episode dishes out details about the new security features being launched by major tech giants, and the dramas surrounding them. Tune in for some interesting conversations and hot takes on the latest cybersecurity buzz. 🚀
🎙️ Check out our latest podcast episode! Travis McPeak, Leif Dreizler, Will Bengtson and Swathi Joshi discuss a range of topics including LocomocoSec, prompt injection defenses, using developer tools for security, and Microsoft’s new Recall feature. Listen now for some insightful discussions and valuable insights.
Don't miss out on the latest trends and discussions in the cybersecurity world. Tune in now! 🚀
Welcome back to our latest podcast episode!🎙️ In this episode, we discuss the recent breach at Sisense, the state of cybersecurity in the industry, the new pricing model for Windows 10 security updates, the social engineering attack on Twitter's domain replacement and much more!.
Join us as we dive into these topics and share our insights on the current state of cybersecurity. Don't miss out on the engaging discussions and valuable information shared by our hosts Travis McPeak, Leif Dreizler and Swathi Joshi. 📣
If you enjoy our podcast, make sure to subscribe for more episodes. Stay informed and entertained with our cybersecurity discussions. Thank you for tuning in!
🎙️In this episode of our podcast, we cover a range of topics including a massive Apex Legends hack, the use of 🤖 AI in security, a breach at UnitedHealthcare, and more. Join us as we discuss the latest trends and news in the cybersecurity industry.
🔊In this episode hosts Travis McPeak, Will Bengtson, Leif Dreizler and Swathi Joshi explore security incidents and incident response in a captivating podcast. Delve into personal stories, industry standards, and various facets of security engineering. Gain insight into managing security incidents and listen to real-world frontline accounts. Whether you're a security pro or cybersecurity enthusiast, this episode offers informative discussions and entertaining exchanges. Don't miss this essential podcast featuring expert guidance, relatable experiences, and humor. 😄
🎙️In this episode of 404: Security Not Found, we welcome special guest Houston Hopkins, Cloud Security Leader to discuss the latest cybersecurity news, including the 'Mother of All Breaches' involving 26 billion records from various data breaches. We also discuss the controversy around the installation of 400 automated license plate readers in San Francisco and the recent Twitter hacks of SEC and Mandiant accounts.
Join us as we provide insights into the evolving landscape of data breaches, surveillance technology, and social media security.
In this episode, we have a special guest, Jackie Bow, who shares her experience and insights on threat detection and response in the field of security. She discusses her background in security, her recent transition back to being an engineer, and the importance of finding different avenues to be a leader in the industry. Join us as we dive into this and more thought-provoking topics.
Don't miss out on this last episode of the year before we take a break and return in late January.
🎙️ The latest episode of our podcast is now live! 🎉 Join us as we dive into some fascinating stories fresh off the press. It's been a year since we started this journey, and we couldn't be more thrilled to have you all with us. #podcast #newepisode
Here are some of today’s topics:
💥Okta's breach and incident response
🌐 North Korea targeting aerospace companies
🔒Sony's repeated hacking incidents
🚗 Car key relay attacks
💣 Explosion of disclosure and the impact on future CISO roles
🔊 Listen now and join the conversation. We'd love to hear your thoughts and insights on these cybersecurity incidents. #podcast #cybersecurity #digitalsecurity
🎙️Join us as we dive into deep fakes and data breaches. With special guests Swathi Joshi, VP SaaS Cloud Security at Oracle and Jeevan Singh, Director of Product Security at Twilio.
Grab your headphones and join us for this month’s episode! Subscribe to our podcast and stay tuned for more exciting content coming your way. Thanks for listening! 🎧
In this episode, we have a special guest, Umaimah Khan, the CEO and co-founder of Opal, a company that specializes in identity and access management. In addition to our news roundup, Will leads us in a discussion about risk.
Our latest podcast episode has a special guest! Meet Scott Behrens, stepping in for Anna. Scott's a top dog in the world of security engineering at Netflix. He's got a bunch of intriguing tales about his adventures dealing with privacy, risk, and securing everything in between.
We also chat about our exciting trip to Las Vegas. (Hint: It's not just for the casinos! 😄) We're off there for some speaking gigs and networking at a couple of conferences. Wish us luck!
A key topic of our discussion was the recent security snafu at Microsoft. Somehow, an MSA key got leaked and gave unauthorized access to about 25 email accounts. Some of the impacted ones were even from government agencies. 🚨🚨🚨 The culprits? Reports suggest it could be a state-sponsored group from China. We delve into how this incident underscores the importance of open communication when security flubs happen. We also mull over the potential consequences for cloud service providers in terms of regulations. Stay tuned for this engaging episode! 👂🔊
In this episode, we dive into the world of startups and angel investing. Join us as we discuss the challenges and successes of running a company and share valuable tips for those looking to start their own venture. Our hosts also explore the exciting security work happening at various companies and discuss the importance of adaptability in the startup world. Don't miss out on this informative and engaging episode - subscribe now and let us know your thoughts in the comments!
