Recent Posts

Episode 197: The Russia Hack Is A 5 Alarm Fire | Also: Shoppers Beware!

In this podcast, sponsored by LastPass, former U.S. CISO Greg Touhill joins us to talk about news of a vast hack of U.S. government networks, which he calls a “five alarm fire” reportedly set by Russia.

Episode 196: Building the Case Against Sandworm with Cisco Talos

Cisco’s Matt Olney, the Director of Talos Threat Intelligence and Interdiction and Craig Williams, the Talos Director of Outreach about the case against

Episode 195: Cyber Monday Super Deals Carry Cyber Risk

While many organizations think of the notion of keyboards, monitors and other hardware “spying” on them as the stuff of “James Bond” movies, Yossi Appleboum of Sepio Systems says that the threat is real – and much more common than either companies or consumers are aware.

Containers Complicate Compliance (And What To Do About It)

If you work within the security industry, compliance is seen almost as a dirty word. You have likely run into situations like that which @Nemesis09 describes below. Here, we see it’s all too common for organizations to treat testing compliance as a checkbox exercise and to thereby view compliance in a way that goes against its entire purpose. There are challenges when it comes to compliance, for sure. Organizations need to figure out whether to shape their efforts to the letter of an existing law or to base their activities in the spirit of a “law” that best suits their security needs—even if that law doesn’t exist. There’s also the assumption that a company can acquire ‘good enough’ security by implementing a checkbox exercise, never mind the confusion explained by @Nemesis09. However, there is truth behind why […]

Exploitable Flaw in NPM Private IP App Lurks Everywhere, Anywhere

A serious security flaw in a commonly used npm security module, private-ip, may affect hundreds of thousands of private and public applications.