Articles

Episode 247: Into the AppSec Trenches with Robinhood CSO Caleb Sima

By The Security Ledger | December 21, 2022

Paul speaks with Caleb Sima, the CSO of the online trading platform Robinhood, about his journey from teenage cybersecurity phenom and web security pioneer, to successful entrepreneur to an executive in the trenches of protecting high value financial services firms from cyberattacks.

The post Episode 247: Into the AppSec Trenches with Robinhood CSO Caleb Sima appeared first on The Security Ledger with Paul F. Roberts.

Spotlight: SIEMs suck. Panther is out to change that. 

By The Security Ledger | November 30, 2022

I interview Jack Naglieri, CEO of Panther about the failures of the current SIEM technology and the need for what Naglieri terms “detection engineers.”

The post Spotlight: SIEMs suck. Panther is out to change that.  appeared first on The Security Ledger with Paul F. Roberts.

Episode 246: SOARing out of Lockdown with Revelstoke Security

By The Security Ledger | November 20, 2022

Getting a start-up off the ground isn’t easy in the best of times. Now imagine doing it just as a global pandemic is shutting down society…and the economy. Our guest this week, Josh McCarthy of Revelstoke Security, did it and lived to tell the tale.

The post Episode 246: SOARing out of Lockdown with Revelstoke Security appeared first on The Security Ledger with Paul F. Roberts.

Episode 245: How AI is remaking knowledge-based authentication

By The Security Ledger | November 1, 2022

Six decades in, password use has tipped into the absurd, while two-factor authentication is showing its limits. We talk with Matt Salisbury of Honeybadger HQ, which is using AI and machine learning to re-imagine knowledge-based authentication.

The post Episode 245: How AI is remaking knowledge-based authentication appeared first on The Security Ledger with Paul F. Roberts.

Episode 244: ZuoRAT brings APT Tactics to Home Networks

By The Security Ledger | October 14, 2022

In this episode of the Security Ledger podcast, brought to you by ReversingLabs, we interview Danny Adamitis (@dadamitis) of Black Lotus Labs about the discovery of ZuoRAT, malware that targets SOHO routers – and is outfitted with APT-style tools for attacking the devices connected to home networks. As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google Podcasts, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.  [MP3] Cyber attacks on small office and home office (or SOHO) routers aren’t new. Back in 2016, the malware known as Mirai made headlines across the world by infecting hundreds of thousands of weekly protected SOHO routers and DVR devices and stringing them into […]

The post Episode 244: ZuoRAT brings APT Tactics to Home Networks appeared first on The Security Ledger with Paul F. Roberts.

Episode 243: An Interview with Chris Hoff Chief Secure Technology Officer at LastPass Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

By The Security Ledger | September 14, 2022

Paul talks with Chris Hoff the Chief Secure Technology Officer at LastPass about the CSTO role and the security implications of “software eating the world.”

The post Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass appeared first on The Security Ledger with Paul F. Roberts.

Episode 242: Hacking the Farm (and John Deere) with Sick Codes

By The Security Ledger | September 5, 2022

In our latest podcast, Paul caught up with Sick Codes (@sickcodes) to talk about his now-legendary presentation at the DEF CON Conference in Las Vegas, in which he demonstrated a hack that ran the Doom first person shooter on a John Deere 4240 touch-screen monitor.

The post Episode 242: Hacking the Farm (and John Deere) with Sick Codes appeared first on The Security Ledger with Paul F. Roberts.

Student Loan Breach Exposes 2.5M Records

By ThreatPost | August 31, 2022

2.5 million people were affected, in a breach that could spell more trouble down the line.

Watering Hole Attacks Push ScanBox Keylogger

By ThreatPost | August 30, 2022

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

By ThreatPost | August 29, 2022

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.