Podcasts

Risk & Repeat: Cisco vulnerabilities raise backdoor concerns

This week's Risk & Repeat podcast looks at vulnerabilities in Cisco and Huawei products, which have raised concerns about backdoor access in networking equipment.
Risk & Repeat: RSA Conference 2019 in review

This week's 'Risk & Repeat' podcast looks back at RSA Conference and discusses the show's diversity and inclusion efforts as well as the top trends and sessions from the show.

Risk & Repeat: Apple restores enterprise certificates for Facebook, Google

This week's Risk & Repeat podcast looks at Apple's decision to temporarily revoke Facebook's and Google's enterprise certificates following reports of questionable app activity.
Risk & Repeat: DNC renews election hacking concerns

This week's Risk & Repeat podcast looks at the claims of the Democratic National Committee that Russian hackers tried to breach its network following the midterm elections.
Risk & Repeat: Expired certificates loom amid government shutdown

This week's Risk & Repeat podcast looks at the expiration of more than 80 TLS certificates for U.S. government websites amid the ongoing government shutdown.
Risk & Repeat: What APT10 means for managed service providers

This week's Risk & Repeat podcast discusses how a Chinese state-sponsored threat group known as APT10 hacked into managed service providers to gain access to their clients.
Risk & Repeat: Lessons from the Equifax breach report

This week's Risk & Repeat podcast looks at the U.S. House Committee on Oversight and Government Reform report on the Equifax breach and the infosec lessons to be learned from it.
Risk & Repeat: NRCC breach stokes election security fears

This week's Risk & Repeat podcast looks at the recently disclosed cyberattack on the National Republican Congressional Committee and the questions that remain about it.
Risk & Repeat: RSA Conference 2019 eyes diversity improvements

This week's Risk & Repeat podcast looks at RSA Conference's diversity and inclusion initiatives and discusses what they mean for both the event and the infosec industry.
Risk & Repeat: DeepMasterPrints spells trouble for biometrics

This week's Risk & Repeat podcast looks at the future of biometric authentication after researchers unveiled a new approach that uses neural networks to bypass fingerprint scanners.
Risk & Repeat: Who's to blame for bad passwords?

This week's Risk & Repeat podcast discusses whether users are responsible for creating and reusing weak passwords or if the technology systems themselves are to blame.
Risk & Repeat: Are we winning the war on cybercrime?

On this week's Risk & Repeat podcast, Chet Wisniewski of Sophos discusses his company's latest research and explains why there's reason for optimism in the war on cybercrime.
Risk & Repeat: MIT CSAIL discusses securing the enterprise

This week's Risk & Repeat podcast discusses the MIT CSAIL Securing the Enterprise conference and how experts there advocated for new strategies and approaches to infosec.
Risk & Repeat: Facebook breach raises regulatory questions

This week's Risk & Repeat podcast discusses new developments regarding Facebook's recent data breach, as well as the social networking giant's response to the incident.
Risk & Repeat: Military cybersecurity scrutinized in GAO report

This week's Risk & Repeat podcast discusses the GAO report on vulnerabilities and weaknesses in modern weapons systems and what they mean for the U.S. military.
Risk & Repeat: Inside the Facebook 2FA fail

This week's Risk & Repeat podcast discusses the latest controversy for Facebook, which has been using two-factor authentication numbers for advertising purposes.
Risk & Repeat: NSS Labs lawsuit shakes infosec industry

This week's Risk & Repeat podcast discusses NSS Labs' antitrust suit against several security vendors, including CrowdStrike and the Anti-Malware Testing Standards Organization.
Risk & Repeat: Trend Micro apps land in hot water

In this week's Risk & Repeat podcast, SearchSecurity editors discuss Trend Micro's Mac apps, which have come under fire for questionable data collection features.
Risk & Repeat: Inside the GAO's Equifax breach report

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Government Accountability Office's report on the Equifax breach and the questions it raises.
Risk & Repeat: Fortnite flaw disclosure enrages Epic Games

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the dispute between Google and Epic Games over a newly disclosed flaw in the Android version of Fortnite.
Risk & Repeat: Are the Meltdown and Spectre flaws overhyped?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.
Risk & Repeat: Meltdown and Spectre disclosure in review

In this week's Risk & Repeat podcast, SearchSecurity editors discuss new insights -- and questions -- regarding the coordinated disclosure effort for Meltdown and Spectre.
Risk & Repeat: Can Disclose.io help protect vulnerability researchers?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Disclose.io project and what it could mean for the future of security research and vulnerability disclosure.
Risk & Repeat: A deep dive on SamSam ransomware

In this week's Risk & Repeat podcast, SearchSecurity editors talk about the SamSam ransomware campaign, which may be the work of a single hacker who's made nearly $6 million.
Risk & Repeat: DHS warns of power grid cyberattacks

In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new warning from the Department of Homeland Security regarding Russian hackers targeting the U.S. power grid.
Risk & Repeat: Closing the gender gap at cybersecurity conferences

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the under-representation of women at cybersecurity conferences and how it affects the infosec industry.
Risk & Repeat: New concerns about smartphone spying

In this week's Risk & Repeat podcast, SearchSecurity editors discuss research that shows some Android apps record video of users' screens without permission or notifications.
Risk & Repeat: Is AI-driven identity management the future?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss Identiverse 2018 and how artificial intelligence is being applied to identity and access management.
Risk & Repeat: U.S. government eyes offensive cyberattacks

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the risks of the U.S. Cyber Command engaging in offensive cyberattacks against foreign adversaries.
Risk & Repeat: New election security bill introduced

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Protecting American Votes and Elections Act of 2018, which requires paper ballots and audits.
Risk & Repeat: What do Google's AI principles mean for cybersecurity?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss Google's new principles for artificial intelligence and how they may impact the use of AI for cybersecurity.
Risk & Repeat: More trouble for federal cybersecurity

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent federal cybersecurity report, which found the majority of agencies have significant security gaps.
Risk & Repeat: Are ICS threats being overblown or ignored?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss dangers to critical infrastructure in the wake of a new report on the threat actors behind the Trisis malware.
Risk & Repeat: Breaking down the Efail flaws

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Efail vulnerabilities in PGP and S/Mime protocols, as well as the rocky disclosure process for the flaws.
Risk & Repeat: Why Ray Ozzie's Clear proposal isn't so clear

In this week's Risk & Repeat podcast, SearchSecurity editors discuss Ray Ozzie's solution for going dark, known as Clear, and what infosec experts are saying about it.
Risk & Repeat: Business email compromise on the rise

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise in business email compromise activity based on new data from the FBI's 2017 Internet Crime Report.
Risk & Repeat: RSAC 2018 recap, part two

In this week's Risk & Repeat podcast, SearchSecurity editors discuss more trends and takeaways from RSA Conference 2018, from incident response services to AI and automation.
Risk & Repeat: Hacking back, GDPR and more from RSAC

In this week's Risk & Repeat podcast, SearchSecurity editors discuss some of the major themes and debates from RSA Conference, from hacking back to GDPR compliance.
Risk & Repeat: Breaking down the Verizon DBIR 2018

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the '2018 Verizon Data Breach Investigations Report' and its findings about ransomware, phishing and more.
Risk & Repeat: RSAC 2018 trends focus on AI, blockchain

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the big questions ahead of RSA Conference 2018, as well as notable sessions and speakers scheduled for the event.
Risk & Repeat: New revelations in San Bernardino iPhone case

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the OIG report's findings on the FBI's effort to unlock the iPhone of one of the San Bernardino terrorists.
Risk & Repeat: IBM Think 2018 highlights AI, blockchain

In this week's Risk & Repeat podcast, SearchSecurity editors recap IBM Think 2018 and discuss Watson's Law and Big Blue's pledge to keep user data safe from misuse and exposure.
Risk & Repeat: OURSA takes RSA Conference to task

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the emergence of OURSA to highlight diversity and the RSA Conference's lack of female keynote speakers.
Risk & Repeat: Assessing the Memcrashed attacks

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Memcrashed exploit and the recent trend of record-setting DDoS attacks against enterprises.
Risk & Repeat: Trustico certificate drama a cause for concern

In this week's Risk & Repeat podcast, SearchSecurity editors discuss how a controversial move by reseller Trustico led to 23,000 Symantec SSL certificates being revoked.
Risk & Repeat: Is the cyberthreat landscape shifting to cryptomining?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss how new attacks, like cryptojacking, may be supplanting previous top cyberthreats, such as ransomware.
Risk & Repeat: Intel bug bounty tackles side channel attacks

In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre.
Risk & Repeat: Cyberinsurance market gets a shake-up

In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new industry partnership designed to give Apple and Cisco customers beneficial cyberinsurance policies.
Risk & Repeat: Cryptomining malware on the rise

In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the threat of cryptomining malware is evolving and what it means for enterprises and infosec vendors.
Risk & Repeat: Meltdown and Spectre mitigation efforts stumble

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Meltdown and Spectre mitigations efforts and why they're struggling with bad updates and miscommunication.
Risk & Repeat: Backdoor access, strong encryption debate rolls on

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the FBI's continued criticism of encrypted devices and the risks of vendor-created backdoor access points.
Risk & Repeat: Let's Encrypt certificates offer pros, cons

In this week's Risk & Repeat podcast, SearchSecurity editors discuss Let's Encrypt certificates and weigh the positives and negatives the free certificate authority provides.
Risk & Repeat: Meltdown and Spectre vulnerabilities shake industry

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the discovery of the Meltdown and Spectre vulnerabilities and their effect on information security.
Business threat analytics: How does real-time data impact results?

Explore the top things you should know about real-time analytics with Johna Till Johnson and learn how it reduces false positives detected in your system on a daily basis.
Risk & Repeat: The TLS 1.3 clock continues to click

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the long wait for TLS 1.3 and the effects -- positive and negative -- the delays have had for enterprise security.
Risk & Repeat: Cybersecurity predictions for 2018

In this week's Risk & Repeat podcast, SearchSecurity editors offer their cybersecurity predictions for 2018, including forecasts for cryptojacking, DDoS attacks and other threats.
Risk & Repeat: Cryptojacking looms amid the bitcoin boom

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rising threat of cryptojacking and how hackers can steal computing power from unsuspecting users.
Risk & Repeat: The Bitcoin boom and its infosec effects

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent bitcoin boom and how the cryptocurrency's rising value could affect the cybersecurity landscape.
Risk & Repeat: Analyzing the accidental data breach

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise of accidental data breaches following a series of enterprise exposures of user data online.
Risk & Repeat: Uber data breach has implications for infosec

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Uber data breach, which was concealed by company officials, and the ethics of data breach disclosure.
Risk & Repeat: Vulnerabilities Equities Process gets an update

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the new charter for the Vulnerabilities Equities Process and what it means for the infosec community.
Risk & Repeat: App store security measures falling short

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent discovery of a fake WhatsApp app in the Google Play Store and what that means for app store security.
Risk & Repeat: Sale of Symantec Website Security completed

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the sale of Symantec Website Security to DigiCert and what it means for Symantec's troubled certificate business.
Risk & Repeat: Responsible encryption ramps up

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent push from law enforcement officials for responsible encryption and what that may mean.
Risk & Repeat: Is vulnerability marketing problematic?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss vulnerability marketing and compare how the recent KRACK attack and ROCA flaw were publicized and promoted.
Risk & Repeat: DEFCON tackles voting machine security

In this week's Risk & Repeat podcast, SearchSecurity editors discuss DEFCON's efforts to improve voting machine security in the wake of hacking threats during the 2016 election.
Risk & Repeat: Kaspersky antivirus scans implicated in NSA breach

In this week's Risk & Repeat podcast, SearchSecurity editors discuss reports implicating Kaspersky antivirus scans in the recently disclosed breach at the National Security Agency.
Risk & Repeat: Scope of Equifax, Yahoo breaches expands

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the expanding scope of the Equifax and Yahoo breaches and the long-term effects of these major security incidents.
Risk & Repeat: Are hacking victims taking too much blame?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss comments from the FBI's Donald Freese on the practice of blaming and shaming hacking victims and its effects.
Risk & Repeat: Kaspersky ban turns ugly

In this week's 'Risk & Repeat' podcast, SearchSecurity editors discuss the U.S. government's Kaspersky ban and how competitors like McAfee are trying to capitalize on it.
Risk & Repeat: Equifax data breach fallout continues

In this week's Risk & Repeat podcast, SearchSecurity editors continue discussing the Equifax data breach and examine new details about an Apache Struts flaw tied to the attack.
Risk & Repeat: Equifax data breach response called into question

In this week's Risk & Repeat podcast, SearchSecurity editors tackle the massive Equifax data breach and how the credit bureau's response to the security incident is creating more problems.
Risk & Repeat: Payment card security a growing concern

In this week's Risk & Repeat podcast, SearchSecurity editors discuss new research from Verizon on payment card security and the effectiveness of PCI DSS compliance for enterprises.
Risk & Repeat: Alternative infosec conferences on the rise

In this week's Risk & Repeat podcast, SearchSecurity editors discuss how smaller, more targeted infosec conferences are making a name for themselves in the shadow of much larger events.
Risk & Repeat: Was the DNC hack an inside job?

In this week's Risk & Repeat podcast, SearchSecurity editors examine claims from intelligence veterans that the DNC hack was an inside job, and not the work of Russian hackers.
Risk & Repeat: MalwareTech indictment raises questions

In this week's Risk & Repeat podcast, SearchSecurity editors explore the FBI's case against security researcher Marcus Hutchins, better known as MalwareTech.
Risk & Repeat: Voting machine hacking brings good and bad news

In this week's Risk & Repeat podcast, SearchSecurity editors look back at DEFCON 2017's voting machine hacking and what it could mean for the future of U.S. election security.
Risk & Repeat: Black Hat 2017 highlights

In this week's Risk & Repeat podcast, SearchSecurity editors recap Black Hat 2017 and discuss some of the big news from the event, including the Broadpwn remote exploit.
Risk & Repeat: Why are Amazon S3 buckets spilling on the web?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the series of enterprise data leaks through misconfigured Amazon S3 buckets and what should be done about them.
Risk & Repeat: Kaspersky Lab removed from GSA Schedule 70

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Trump administration's removal of Kaspersky Lab from the GSA Schedule 70 for federal IT contracts.
Risk & Repeat: Should IAM systems be run by machine learning?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the identity and access management industry and how machine learning algorithms could govern IAM systems.
Risk & Repeat: NotPetya ransomware raises the stakes

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the NotPetya ransomware, its impact and the growing trend of sophisticated ransomware attacks.
Risk & Repeat: RNC voter database left open to the public

In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the Republican National Committee's voter database was accidentally exposed in an Amazon S3 bucket.
Risk & Repeat: Symantec, Mozilla spar over certificate issuance

In this week's Risk & Repeat podcast, SearchSecurity editors discuss Mozilla's suggested deadline for Symantec to turn over its certificate issuance operations.
Risk & Repeat: Comey warns of more election hacking

In this week's Risk & Repeat podcast, SearchSecurity editors discuss former FBI Director James Comey's testimony on election hacking and election interference from Russia.
Risk & Repeat: Shadow Brokers launch zero-day exploit service

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Shadow Brokers' monthly service for zero-day exploits and how it may affect enterprise security efforts.
Risk & Repeat: GDPR compliance clock is ticking

In this week's Risk & Repeat podcast, SearchSecurity editors discuss GDPR compliance and how the EU law will affect enterprise data privacy and security across the globe.
Risk & Repeat: Microsoft slams NSA over EternalBlue

In this week's Risk & Repeat podcast, SearchSecurity editors discuss Microsoft's sharp criticism of the NSA over the EternalBlue Windows vulnerability and WannaCry ransomware.
Using threat intelligence tools to prevent attacks on your enterprise

Using threat intelligence tools can help your enterprise stay one step ahead of attackers and possible threats. Learn how threat intelligence can be used in your company.
Risk & Repeat: WannaCry ransomware worm shakes tech industry

In this week's Risk & Repeat podcast, SearchSecurity editors look at the devastation caused by the WannaCry ransomware worm and discuss how it could have been prevented.
Risk & Repeat: Reviewing Trump's cybersecurity executive order

This week's Risk & Repeat podcast looks at President Trump's cybersecurity executive order and how it aims to address federal government and critical infrastructure issues.
Risk & Repeat: Critical Windows bug triggers disclosure debate

This week's Risk & Repeat podcast looks at how a simple tweet about a Windows bug from Project Zero researcher Tavis Ormandy sparked a debate about vulnerability disclosure.
Risk & Repeat: Symantec offers plan to restore certificate trust

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Symantec's continued struggles with certificate trust, and what Mozilla and Google are doing about it.
Risk & Repeat: More Equation Group cyberweapons leaked

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of Equation Group cyberweapons and how Microsoft patched them.
Risk & Repeat: Mozilla joins the Symantec certificate authority debate

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss mounting pressure on the Symantec certificate authority business to provide answers about its practices.
Risk & Repeat: Strong encryption under fire again

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of the encryption debate and what it means for apps that use strong encryption.
Risk & Repeat: Google slams Symantec certificates

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Google's proposed plan to distrust Symantec certificates following more allegations of mis-issuance.
Risk & Repeat: Accused Yahoo hackers indicted

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the indictments of the alleged Yahoo hackers and how the attackers minted Yahoo authentication cookies.
Risk & Repeat: Leak of CIA hacking tools creates confusion

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the confusion around WikiLeaks' release of government documents regarding CIA hacking tools.
Risk & Repeat: Does the Amazon S3 outage raise security flags?

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Amazon Simple Storage Service outage and why the incident may have security implications.