Beste John Lehr podcaster (2024)

1
Tourists, Fortis, apps, TLP, AWS, Google, Chatbots, Aaran Leyland, and More... - SWN #425 35:07

2d ago35:07

35:07

Tourist Abuse, Fortis, apps, TLP, AWS, Google, Chatbots, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-425

1
Transforming the Defender's Dilemma into the Defender's Advantage - Charlotte Wylie, Bhawna Singh, Lenny Zeltser - ESW #381 1:50:15

2d ago1:50:15

1:50:15

Ever heard someone say, "the attacker only has to be right once, but the defender has to get it right every time"? On this episode, we'll dispel that myth. There is some truth to the saying, but only with regards to initial access to the target's environment. Once on the inside, the attacker's advantage flips to the defender. Call it the 'Home Alon…

1
Secure By Default - How do we get there? - Andy Syrewicze - PSW #848 3:06:32

3d ago3:06:32

3:06:32

Andy drops some Microsoft Windows and 365 knowledge as we discuss the details on how we get to secure by default in our Windows and cloud environments. This week: The USB Army Knife that won't break the budget, I don't want to say EDR is useless (but there I said it), Paul's list of excellent hacking tips, FortiJump - an RCE that took a while to be…

1
From First-Time Hunter to Veteran: The Growth at Deer Camp 1:26:29

5d ago1:26:29

1:26:29

From First-Time Hunter to Veteran: The Growth at Deer Camp Camaraderie and Learning: Adam and Joseph emphasized the camaraderie and learning opportunities at deer camp, where experienced hunters share knowledge with others in a supportive, non-competitive environment. Therapeutic Benefits: They discussed the personal and therapeutic effects of the …

1
JSON Parsing, Email Parsing, CISA's Bad Practices Guide, Abusing Disclosure Policies - ASW #304 38:34

5d ago38:34

38:34

Flaws that arise from inconsistent parsing of JSON and email addresses, CISA's guide to bad software practices, abusing a security disclosure process to take over a WordPress plugin, and more! Show Notes: https://securityweekly.com/asw-304

1
Doom Brain, E2EE, OT, Adload, Cisco, VMware, internet archive, Josh Marpet ... - SWN #424 29:57

1d ago29:57

29:57

Doom on a Human Brain, E2EE, OT, Adload, Cisco, VMware, Internet Archive, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-424

1
The Complexities, Configurations, and Challenges in Cloud Security - Scott Piper - ASW #304 38:53

5d ago38:53

38:53

Building cloud native apps doesn't mean you're immune to dealing with legacy systems. Cloud services have changed significantly over the last decade, both in the security controls available to them and the sheer volume of services that CSPs provide. Scott Piper shares some history of cloud security, the benefits of account separation, and how ratch…

1
The Complexities, Configurations, and Challenges in Cloud Security - Scott Piper - ASW #304 1:17:25

5d ago1:17:25

1:17:25

Building cloud native apps doesn't mean you're immune to dealing with legacy systems. Cloud services have changed significantly over the last decade, both in the security controls available to them and the sheer volume of services that CSPs provide. Scott Piper shares some history of cloud security, the benefits of account separation, and how ratch…

1
Aligning Tech Execs on Cyber Resilience - Theresa Lanowitz - BSW #369 1:01:21

1d ago1:01:21

1:01:21

Getting C-Suite execs aligned on cyber resilience and cybersecurity can be a challenge. LevelBlue's recent Futures™️ report sought to uncover the barriers that prevent companies from achieving cyber resilience in the enterprise today. The report not only surveyed C-Suite execs (CIOs, CTOs, and CISOs), but non-C-Suite leaders from engineering and ar…

1
The Complexities, Configurations, and Challenges in Cloud Security - Scott Piper - ASW #304 1:17:25

2d ago1:17:25

1:17:25

Building cloud native apps doesn't mean you're immune to dealing with legacy systems. Cloud services have changed significantly over the last decade, both in the security controls available to them and the sheer volume of services that CSPs provide. Scott Piper shares some history of cloud security, the benefits of account separation, and how ratch…

1
Stealing, Kubernetes, Passkeys, SolarWinds, Intel, Sextortion, and... - SWN #423 33:22

5d ago33:22

33:22

Stealing Pencils, Kubernetes, Passkeys, SolarWinds, Intel, North Koreans, Sextortion, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-423

1
Cybersecurity Success is Business Success - Renuka Nadkarni, Theresa Lanowitz - ESW #380 1:46:37

6d ago1:46:37

1:46:37

Secure by design is more than just AppSec - it addresses how the whole business designs systems and processes to be effective and resilient. The latest report from LevelBlue on Cyber Resilience reveals security programs that are reactive, ill-equipped, and disconnected from IT and business leaders. Most security problems are out of security teams' …

1
Episode 64: Look, Ma, No Plans! What Improv Can Teach Us about Being Human 1:14:53

9d ago1:14:53

1:14:53

The Two Humans “wing it” with improv master Susan Messing as they discuss why improvisation makes humans unique. Episode 64: Look, Ma, No Plans! What Improv Can Teach Us about Being Human An Intro to Anthro with 2 Humans Human Number One, John McCray, and Human Number Two, John Lehr, re-assess what it means to be human. http://www.intro2anthro.podb…

1
Effective Operational Outcomes - Ken Dunham - PSW #847 2:58:09

7d ago2:58:09

2:58:09

New security and vulnerability research is published every day. How can security teams get ahead of the curve and build architecture to combat modern threats and threat actors? Tune-in to a lively discussion about the threat landscape and tips on how to stay ahead of the curve. Segment Resources: https://blog.qualys.com/vulnerabilities-threat-resea…

1
Precision, Patience, and Imperfect Shots: An Epic Start to Deer Season - Longbow Success 1:27:32

12d ago1:27:32

1:27:32

The Bowhunter Chronicles Podcast - Episode 323 - Precision, Patience, and Imperfect Shots: An Epic Start to Deer Season Traditional Bow Hunting Success Adam shared his journey of taking down his first doe with a traditional bow, emphasizing the precision and patience needed for success. Strategic Hunting Techniques Adam and Byron discussed key stra…

1
Perl & PHP Vulns, Fuzzing & Parsers, Protecting Multi-Hosted Tenants, Secure Design - ASW #303 41:59

8d ago41:59

41:59

Looking at vulnerable code in Ivanti (Perl) and Magento (PHP), fuzzing is perfect for parsers, handling tenant isolation when training LLMs, Microsoft's small steps towards secure design, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-303…

1
Stego, uBlock, PPTP, Log4J, Command Jacking, Windows 10, Feet, Josh Marpet, and More. - SWN #422 30:23

8d ago30:23

30:23

AI Stego, uBlock, PPTP, Log4J rises again, Command Jacking, Windows 10, Principal Skinner's Feet, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-422

1
Perl & PHP Vulns, Fuzzing & Parsers, Protecting Multi-Hosted Tenants, Secure Design - ASW #303 42:00

12d ago42:00

42:00

Looking at vulnerable code in Ivanti (Perl) and Magento (PHP), fuzzing is perfect for parsers, handling tenant isolation when training LLMs, Microsoft's small steps towards secure design, and more! Show Notes: https://securityweekly.com/asw-303

1
Budget Planning Guide 2025: Security And Risk - Jeff Pollard - BSW #368 59:35

9d ago59:35

59:35

In today’s uncertain macroeconomic environment, security and risk leaders need practical guidance on managing existing spending and new budgetary requests. Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to review Forrester's Budget Planning Guide 2025: Security And…

1
Cybercab, Golden Jackal, Mamba 2FA, Microsoft, iPhone thieves, esims, Aaran Leyland.. - SWN #421 30:25

16d ago30:25

30:25

Cybercab, Golden Jackal, Mamba 2FA, Multi Microsoft, iPhone thieves, esims, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-421

1
Community Knowledge Sharing with CyberNest - Ben Siegel, Aaron Costello - ESW #379 1:53:03

16d ago1:53:03

1:53:03

For this interview, Ben from CyberNest joins us to talk about one of my favorite subjects: information sharing in infosec. There are so many amazing skills, tips, techniques, and intel that security professionals have to share. Sadly, a natural corporate reluctance to share information viewed as privileged and private has historically had a chillin…

1
The Code of Honor: Embracing Ethics in Cybersecurity - Ed Skoudis - PSW #846 2:14:57

17d ago2:14:57

2:14:57

"Code of Honor: Embracing Ethics in Cybersecurity" by Ed Skoudis is a book that explores the ethical challenges faced by cybersecurity professionals in today's digital landscape. The book delves into the complex moral dilemmas that arise in the field of cybersecurity, offering guidance on how to navigate these issues while maintaining integrity. Th…

1
If You Miss That Elk, I Will Cut Your Bowstring - DIY Colorado Elk 1:51:24

19d ago1:51:24

1:51:24

The Bowhunter Chronicles Podcast - Episode 322 - If You Miss That Elk, I Will Cut Your Bowstring - DIY Colorado Elk Adam, Frank and Ernie sit down and recount their trip to Colorado for a DIY Private/Public Land elk hunt and how Frank was able to finally draw his bow after 5 long years and harvest a bull elk. https://www.spartanforge.ai - save 25% …

1
The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 1:12:35

19d ago1:12:35

1:12:35

Zed Attack Proxy has been a crucial web app testing tool for decades. It's also had a struggle throughout 2024 to obtain funding that would enable the tool to add more features while remaining true to its open source history. Simon Bennetts, founder of ZAP, and Ori Bendet from Checkmarx update us on that journey, share some exploration of LLM fuzzi…

1
RCE from Iconv + PHP, Fuzzing a Codec, Fuzzing LLMs, Revisiting Recall - ASW #302 37:03

19d ago37:03

37:03

The many lessons to take away from a 24-year old flaw in glibc and the mastery in crafting an exploit in PHP, changing a fuzzer's configuration to find more flaws, fuzzing LLMs for prompt injection and jailbreaks, security hardening of baseband code, revisiting the threat models in Microsoft's Recall, and more! Show Notes: https://securityweekly.co…

1
AI, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet... - SWN #420 30:10

19d ago30:10

30:10

AI Fest, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-420

1
The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 35:34

19d ago35:34

35:34

Zed Attack Proxy has been a crucial web app testing tool for decades. It's also had a struggle throughout 2024 to obtain funding that would enable the tool to add more features while remaining true to its open source history. Simon Bennetts, founder of ZAP, and Ori Bendet from Checkmarx update us on that journey, share some exploration of LLM fuzzi…

1
The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 1:12:35

19d ago1:12:35

1:12:35

Zed Attack Proxy has been a crucial web app testing tool for decades. It's also had a struggle throughout 2024 to obtain funding that would enable the tool to add more features while remaining true to its open source history. Simon Bennetts, founder of ZAP, and Ori Bendet from Checkmarx update us on that journey, share some exploration of LLM fuzzi…

1
Run Your Security Program Like an Election Campaign - Kush Sharma - BSW #367 1:05:11

19d ago1:05:11

1:05:11

Does the CISO need to act like a politician? Negotiating budgets, communicating risks, and selling your strategy across the organization does sound a little like a politician. And if that's the case, are you hiring the right campaign staff? Kush Sharma, former CISO for CPR, City of Toronto, and Saputo, joins Business Security Weekly to discuss why …

1
Episode 63: I Want My Wa Wa! Why We Need Water 1:20:41

20d ago1:20:41

1:20:41

The Two Humans put on their bathing caps and dive into the topic of water. Don’t forget to bring a towel! Episode 63: I Want My Wa Wa! Why We Need Water An Intro to Anthro with 2 Humans Human Number One, John McCray, and Human Number Two, John Lehr, re-assess what it means to be human. http://www.intro2anthro.podbean.com https://www.facebook.com/pr…

1
Perfctl, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland... - SWN #419 32:36

23d ago32:36

32:36

Perfctl, Warm Cookie, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-419

1
Cybersecurity Career Paths: from touring musician to purple teaming at Meta - Neko Papez, Brian Contos, Jayson Grace - ESW #378 2:14:25

24d ago2:14:25

2:14:25

Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and building open source tools. Jayson just left Meta for an AI safety startup na…

1
Analyzing Malware at Scale - John Hammond - PSW #845 3:07:23

25d ago3:07:23

3:07:23

This episode of Paul Security Weekly features John Hammond, a senior security researcher from Huntress, discussing malware analysis. Hammond dives into the analysis of Ocean Lotus attacks, highlighting the use of stealthy techniques like alternate data streams and DLL side-loading. The conversation also touches on the challenges of combating attack…

1
More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - Farshad Abasi - ASW #301 45:57

25d ago45:57

45:57

More remote car control via web interfaces, an RCE in CUPS, Microsoft reduces attack surface, migrating to memory safety, dealing with dependency confusion, getting rid of password strength calculators, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-301…

1
More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - Farshad Abasi - ASW #301 45:57

25d ago45:57

45:57

More remote car control via web interfaces, an RCE in CUPS, Microsoft reduces attack surface, migrating to memory safety, dealing with dependency confusion, getting rid of password strength calculators, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-301…

1
Death Stars, Recall, Microsoft, Brocade, AI, Josh Marpet, and more... - SWN #418 29:19

26d ago29:19

29:19

Death Stars are not real or are they?, Recall, Microsoft, Brocade, AI and More and More AI, Josh Marpet, and more on the Cyber Security News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-418

1
How to Attain Zero Trust - Rob Allen - BSW #366 57:58

26d ago57:58

57:58

The zero-trust security model has been billed as an ultra-safe defense against emerging, unrecognized and well-known threats. Unlike perimeter security, it doesn't assume people inside an organization are automatically safe. Instead, it requires every user and device -- inside and out -- to be authorized before any access is granted. Sounds enticin…

1
More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - ASW #301 45:57

27d ago45:57

45:57

More remote car control via web interfaces, an RCE in CUPS, Microsoft reduces attack surface, migrating to memory safety, dealing with dependency confusion, getting rid of password strength calculators, and more! Show Notes: https://securityweekly.com/asw-301

1
Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker... - Rob Allen - SWN #417 33:04

1M ago33:04

33:04

Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker, and More on the Security Weekly News. Segment Resources: https://www.bleepingcomputer.com/news/security/hackers-deploy-ai-written-malware-in-targeted-attacks/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more abou…

1
SIEM: Shakeup in Event Management - What's Happening in the SIEM market today? - Jason Shockey, Seth Goldhammer - ESW #377 1:59:45

1M ago1:59:45

1:59:45

The SIEM market has undergone some significant changes this summer. This is a great opportunity to talk about the current state of SIEM! In this conversation, we'll discuss: market changes and terminology: security analytics, data lakes, SIEM what is SOAR's role in the current SIEM market? machine learning and generative AI's role strategies for im…

1
AI in Cyber & Addressing Analyst Burnout - Kayla Williams - PSW #844 2:59:14

1M ago2:59:14

2:59:14

This week in the security news, Dr. Doug and Larry explore various technological advancements and their implications with a healthy dose of nostalgia, particularly focusing on health monitoring through Wi-Fi signals, the misconceptions surrounding 5G connectivity, the importance of understanding internet speed needs, and the cybersecurity threats f…

Podcaster verdt å lytte til

John Lehr Podcaster

Podcaster verdt å lytte til

Hurtigreferanseguide