Podcasts

Podcast Episode 112: what it takes to be a top bug hunter

Podcast Episode 112: what it takes to be a top bug hunter

Podcast: Play in new window | Download (Duration: 39:54 — 45.7MB)Subscribe: Android | Email | Google Podcasts | RSS In this week’s episode (#112): top bug hunters can earn more than $1 million a year from “bounties” paid for information on exploitable software holes in common platforms and applications. What does it take to be among the best? We talk with Jason Haddix of the firm Bug Crowd to find out. Also: The Internet Society’s Jeff Wilbur talks about the new #GetIoTSmart campaign to educate device makers and the public about Internet of Things security. 

SIM swapping attacks allow attackers to reassign phone numbers to phone hardware they control. (Image courtesy of iFixit.)

Spotlight Podcast: Flashpoint’s Allison Nixon on SIM Swapping and the Looming Online Identity Crisis

Podcast: Play in new window | Download (Duration: 19:08 — 21.9MB)Subscribe: Android | Email | Google Podcasts | RSSYour smart phone does double and triple duty: letting you do banking, buy a cup of coffee, board a plane or access a sensitive online account. But that doesn’t mean that your phone number is equally as trustworthy. In this Spotlight Podcast, we speak with Flashpoint* head of research Allison Nixon about how a recent rash of SIM swapping attacks highlights a looming crisis in online identity. 

The Internet of Things is raising the stakes of destructive, cyber physical attacks, Bruce Schneier argues in his new book, Click Here to Kill Everybody.

Podcast Episode 111: Click Here to Kill Everybody and CyberSN on Why Security Talent Walks

Podcast: Play in new window | Download (Duration: 59:10 — 67.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s podcast (episode #111), sponsored by CyberSN: what happens when the Internet gets physical? Noted author and IBM security guru Bruce Schneier joins us to talk about his new book on Internet of Things risk: Click Here to Kill Everybody. Also: everyone knows that cyber security talent is hard to come by, and even harder to keep. But why does precious cyber talent walk? In our second segment, we’re joined by Deidre Diamond of cyber security placement firm CyberSN, who has all the answers.

Podcast Episode 110: Why Patching Struts isn’t Enough and Hacking Electricity Demand with IoT?

Podcast Episode 110: Why Patching Struts isn’t Enough and Hacking Electricity Demand with IoT?

Podcast: Play in new window | Download (Duration: 33:38 — 38.5MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode (#110): the second major flaw in Apache Struts 2 in as many years and has put the information security community on alert. But is this vulnerability as serious as the last, which resulted in the hack of the firm Equifax? We talk with an expert from the firm Synopsys.  And: we’ve heard a lot about the risk of cyber attacks on the critical infrastructure used to generate and distribute electricity. But what would happen if someone figured out to how to hack electricity demand? The Internet of Things just might make that possible. We talk to a Princeton University researcher behind a paper that discusses how even small changes in demand can have big consequences for the grid.

The Security Operations Center at the 2018 Black Hat Briefings in Las Vegas. (Photo by Paul Roberts)

Spotlight Podcast: Arctic Wolf on Nurturing Talent for the Evolved SOC

Podcast: Play in new window | Download (Duration: 25:17 — 28.9MB)Subscribe: Android | Email | Google Podcasts | RSSIn this Spotlight Podcast, sponsored by Arctic Wolf Networks: sessions at this month’s Black Hat Briefings on PTSD and substance abuse among security workers are proof that the high pressure, high stakes world of information security can take its toll. So what  does it take to find, train and nurture information security pros? Sam McLane, the Chief Technology Services Officer at the firm Arctic Wolf Networks joins us to talk about how his company holds on to top security talent.