In this episode of the podcast (#232), Tomislav Peričin of the firm ReversingLabs joins us to talk about Log4Shell, the vulnerability in the ubiquitous Log4j Apache library. Tomislav tells us why issues related to Log4j won’t be going away anytime soon and how organizations must adapt to deal with the risk it poses.
Search Results for ""third party" and code"
Episode 216: Signed, Sealed and Delivered: The Future of Supply Chain Security
In this episode of the podcast
(#216) we talk with Brian Trzupek, Digicert’s Vice President of Product, about the growing urgency of securing software supply chains, and how digital code signing can help prevent compromises like the recent hack of the firm SolarWinds.
Update: Neopets Is Still A Thing And Its Exposing Sensitive Data
Neopets, the virtual pets website has exposed a wide range of sensitive data online including information that might be used to identify site users, security researchers report.
Spotlight Podcast: Security Automation is (and isn’t) the Future of Infosec
In this Spotlight Podcast, we speak with David Brumley, the Chief Executive Officer at the security firm ForAllSecure and an expert on the use of machine learning and automation to cyber security problems. We talk about the growing demand for security automation tools and how the chronic cyber security talent shortage in North America and elsewhere is driving investment in automation.
Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise
Vijay Balasubramaniyan of Pindrop joins us to talk about it. And, in our second segment, Sam Bisbee the CSO of the firm ThreatStack joins us to talk about last month’s hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components.