Podcasts
-
Risk & Repeat: Colonial Pipeline CEO grilled by Congress
Colonial Pipeline Co. CEO Joseph Blount faced criticism from several members of Congress this week during two different hearings on the recent ransomware attack.
-
Risk & Repeat: Security startups and trends from RSAC 2021
Analyst Carla Roncato of Enterprise Strategy Group weighs in on RSA Conference and the security startups featured during the show's Innovation Sandbox competition.
-
Risk & Repeat: Recapping RSA Conference 2021
Election security, nation-state threats and supply chain attacks were major topics at this year's RSA Conference, which was held as a virtual event.
-
Risk & Repeat: Will the Ransomware Task Force make an impact?
The Institute for Security and Technology's Ransomware Task Force published several recommendations to better address the growing security threat. Will they work?
-
Risk & Repeat: FBI's web shell removal raises questions
The FBI accessed computers -- without the knowledge or consent of the owners -- to remove hundreds of web shells placed in vulnerable Microsoft Exchange servers.
-
Risk & Repeat: Recapping the Exchange Server attacks
This week's Risk & Repeat episode looks back at the Microsoft Exchange Server attacks, plus the questions and mysteries surrounding the ongoing threat.
-
Risk & Repeat: Inside the SolarWinds Senate hearing
This week's Senate Intelligence Committee hearing on SolarWinds tackled the attribution case against Russian state-sponsored hackers, as well as questions for AWS.
-
Risk & Repeat: SolarWinds and the hacking back debate
This week's Risk & Repeat podcast looks at a recent '60 Minutes' episode that discussed the possibility of the U.S. government hacking back in response to the SolarWinds attacks.
-
Risk & Repeat: Oldsmar water plant breach raises concerns
This week's Risk & Repeat podcast looks at how an unknown threat actor used TeamViewer to manipulate chemical levels in a water treatment facility in Oldsmar, Fla.
-
Risk & Repeat: Diving into the dark web
This week's Risk & Repeat podcast discusses the state of the dark web in 2021, how it has changed and what enterprises should know about the threats that exist there.
-
Risk & Repeat: SolarWinds attacks come into focus
This week's Risk & Repeat podcast discusses the fallout from the SolarWinds backdoor attacks as new victims and additional information have come to light.
-
Risk & Repeat: SolarWinds backdoor shakes infosec industry
This week's Risk & Repeat podcast discusses the latest developments around the devastating SolarWinds backdoor attacks, which impacted several U.S. government agencies.
-
Risk & Repeat: Christopher Krebs out as CISA director
This week's Risk & Repeat podcast discusses President Trump's firing of CISA Director Christopher Krebs, which was a controversial move in the infosec community.
-
Risk & Repeat: 2020 election security in review
This week's Risk & Repeat podcast looks back at the 2020 election, which was free of major cyber attacks or hacks but has seen a rise in disinformation campaigns online.
-
Risk & Repeat: Black Hat 2020 highlights
This week's Risk & Repeat podcast recaps Black Hat USA 2020 and discusses some of the best sessions, worst vulnerabilities and the overall virtual conference experience.
-
Risk & Repeat: Sophos warns of evolving ransomware threats
Dan Schiappa and Chester Wisniewski of Sophos join the Risk & Repeat podcast to discuss how ransomware groups are evolving and embracing innovative evasion techniques.
-
Risk & Repeat: Twitter breach leads to account hijacking
This week's Risk & Repeat podcast discusses how threat actors gained access to Twitter's internal systems and hijacked the accounts of Jeff Bezos, Bill Gates and others.
-
Risk & Repeat: Vault 7 report slams CIA security practices
This week's Risk & Repeat podcast discusses the CIA's internal task force report on the Vault 7 leak, which blasted the agency for a variety of serious security lapses.
-
Risk & Repeat: Are ransomware groups joining forces?
This week's Risk & Repeat podcast discusses the prospect of ransomware gangs working together and what it could mean for enterprises and the overall threat landscape.
-
Risk & Repeat: When will mobile voting be ready?
This week's Risk & Repeat podcast examines the rise of mobile voting apps and how security experts have expressed concerns about the risks deploying the technology for elections.
-
Risk & Repeat: Black Hat, DEF CON canceled
This week's Risk & Repeat podcast looks at the recent cancellations of Black Hat USA 2020 and DEF CON 28 and what their virtual replacements will try to accomplish.
-
Risk & Repeat: RDP security under fire amid COVID-19
This week's Risk & Repeat podcast looks at how Microsoft's Remote Desktop Protocol, already a popular vector with hackers, has received even more attention during the pandemic.
-
Risk & Repeat: Are ransomware attacks up or down?
This week's Risk & Repeat podcast looks at the latest research and analysis around ransomware to see what effect the COVID-19 pandemic has had on the threat landscape.
-
Risk & Repeat: Are Zoom security fears overblown?
This week's Risk & Repeat podcast looks at the backlash against Zoom over security and privacy concerns and asks whether there's been an overreaction.
-
Risk & Repeat: Zoom security comes under fire
This week's Risk & Repeat podcast looks at several security issues Zoom faced over the last week, which led to questions about the company's privacy and security practices.
-
Risk & Repeat: COVID-19 boosting social engineering attacks
This episode of the Risk & Repeat podcast looks at how social engineering attacks have become more successful by taking advantage of the coronavirus pandemic.
-
Risk & Repeat: Coronavirus-themed threats on the rise
This week's Risk & Repeat podcast looks at the disruption caused by COVID-19, as well as the sharp increase in cyberthreats designed to exploit the pandemic.
-
Risk & Repeat: Recapping RSA Conference 2020
This Risk & Repeat podcast looks back at RSA Conference and discusses some of the highlights from the show, from ransomware trends to nation-state hacking discussions.
-
Risk & Repeat: Breaking down RSA Security's sale
This Risk & Repeat podcast discusses Dell's recent sale of RSA for $2.075 billion, plus insights from experts on where venture capital firms are investing this year.
-
Risk & Repeat: Mobile World Congress canceled, RSAC 2020 still on
This week's Risk & Repeat podcast discusses RSA Conference's decision to move ahead with the show after the cancellation of Mobile World Congress over coronavirus concerns.
-
Risk & Repeat: More McAfee executives depart
This week's Risk & Repeat podcast discusses the revelation that more executives have left McAfee amid the unexpected departure of longtime CEO Chris Young last month.
-
Risk & Repeat: 2019 data breaches in review
This week's Risk & Repeat podcast looks at some of the biggest data breach disclosures from the second half of 2019 and discusses the trends around these incidents.
-
Risk & Repeat: Trump takes aim at DNC hack and CrowdStrike
This week's Risk & Repeat podcast looks at President Trump's recent comments about CrowdStrike and the DNC 'server' and the misinformation around Russian election interference.
-
Tenable CEO Amit Yoran wants to stop 'cyber helplessness'
This week's Risk & Repeat podcast features Tenable CEO Amit Yoran, who discusses what he calls 'cyber helplessness' and how the mentality is infecting enterprises.
-
Risk & Repeat: Cisco vulnerabilities raise backdoor concerns
This week's Risk & Repeat podcast looks at vulnerabilities in Cisco and Huawei products, which have raised concerns about backdoor access in networking equipment.
-
Risk & Repeat: RSA Conference 2019 in review
This week's 'Risk & Repeat' podcast looks back at RSA Conference and discusses the show's diversity and inclusion efforts as well as the top trends and sessions from the show.
-
Risk & Repeat: Apple restores enterprise certificates for Facebook, Google
This week's Risk & Repeat podcast looks at Apple's decision to temporarily revoke Facebook's and Google's enterprise certificates following reports of questionable app activity.
-
Risk & Repeat: DNC renews election hacking concerns
This week's Risk & Repeat podcast looks at the claims of the Democratic National Committee that Russian hackers tried to breach its network following the midterm elections.
-
Risk & Repeat: Expired certificates loom amid government shutdown
This week's Risk & Repeat podcast looks at the expiration of more than 80 TLS certificates for U.S. government websites amid the ongoing government shutdown.
-
Risk & Repeat: What APT10 means for managed service providers
This week's Risk & Repeat podcast discusses how a Chinese state-sponsored threat group known as APT10 hacked into managed service providers to gain access to their clients.
-
Risk & Repeat: Lessons from the Equifax breach report
This week's Risk & Repeat podcast looks at the U.S. House Committee on Oversight and Government Reform report on the Equifax breach and the infosec lessons to be learned from it.
-
Risk & Repeat: NRCC breach stokes election security fears
This week's Risk & Repeat podcast looks at the recently disclosed cyberattack on the National Republican Congressional Committee and the questions that remain about it.
-
Risk & Repeat: RSA Conference 2019 eyes diversity improvements
This week's Risk & Repeat podcast looks at RSA Conference's diversity and inclusion initiatives and discusses what they mean for both the event and the infosec industry.
-
Risk & Repeat: DeepMasterPrints spells trouble for biometrics
This week's Risk & Repeat podcast looks at the future of biometric authentication after researchers unveiled a new approach that uses neural networks to bypass fingerprint scanners.
-
Risk & Repeat: Who's to blame for bad passwords?
This week's Risk & Repeat podcast discusses whether users are responsible for creating and reusing weak passwords or if the technology systems themselves are to blame.
-
Risk & Repeat: Are we winning the war on cybercrime?
On this week's Risk & Repeat podcast, Chet Wisniewski of Sophos discusses his company's latest research and explains why there's reason for optimism in the war on cybercrime.
-
Risk & Repeat: MIT CSAIL discusses securing the enterprise
This week's Risk & Repeat podcast discusses the MIT CSAIL Securing the Enterprise conference and how experts there advocated for new strategies and approaches to infosec.
-
Risk & Repeat: Facebook breach raises regulatory questions
This week's Risk & Repeat podcast discusses new developments regarding Facebook's recent data breach, as well as the social networking giant's response to the incident.
-
Risk & Repeat: Military cybersecurity scrutinized in GAO report
This week's Risk & Repeat podcast discusses the GAO report on vulnerabilities and weaknesses in modern weapons systems and what they mean for the U.S. military.
-
Risk & Repeat: Inside the Facebook 2FA fail
This week's Risk & Repeat podcast discusses the latest controversy for Facebook, which has been using two-factor authentication numbers for advertising purposes.
-
Risk & Repeat: NSS Labs lawsuit shakes infosec industry
This week's Risk & Repeat podcast discusses NSS Labs' antitrust suit against several security vendors, including CrowdStrike and the Anti-Malware Testing Standards Organization.
-
Risk & Repeat: Trend Micro apps land in hot water
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Trend Micro's Mac apps, which have come under fire for questionable data collection features.
-
Risk & Repeat: Inside the GAO's Equifax breach report
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Government Accountability Office's report on the Equifax breach and the questions it raises.
-
Risk & Repeat: Fortnite flaw disclosure enrages Epic Games
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the dispute between Google and Epic Games over a newly disclosed flaw in the Android version of Fortnite.
-
Risk & Repeat: Are the Meltdown and Spectre flaws overhyped?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.
-
Risk & Repeat: Meltdown and Spectre disclosure in review
In this week's Risk & Repeat podcast, SearchSecurity editors discuss new insights -- and questions -- regarding the coordinated disclosure effort for Meltdown and Spectre.
-
Risk & Repeat: Can Disclose.io help protect vulnerability researchers?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Disclose.io project and what it could mean for the future of security research and vulnerability disclosure.
-
Risk & Repeat: A deep dive on SamSam ransomware
In this week's Risk & Repeat podcast, SearchSecurity editors talk about the SamSam ransomware campaign, which may be the work of a single hacker who's made nearly $6 million.
-
Risk & Repeat: DHS warns of power grid cyberattacks
In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new warning from the Department of Homeland Security regarding Russian hackers targeting the U.S. power grid.
-
Risk & Repeat: Closing the gender gap at cybersecurity conferences
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the under-representation of women at cybersecurity conferences and how it affects the infosec industry.
-
Risk & Repeat: New concerns about smartphone spying
In this week's Risk & Repeat podcast, SearchSecurity editors discuss research that shows some Android apps record video of users' screens without permission or notifications.
-
Risk & Repeat: Is AI-driven identity management the future?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Identiverse 2018 and how artificial intelligence is being applied to identity and access management.
-
Risk & Repeat: U.S. government eyes offensive cyberattacks
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the risks of the U.S. Cyber Command engaging in offensive cyberattacks against foreign adversaries.
-
Risk & Repeat: New election security bill introduced
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Protecting American Votes and Elections Act of 2018, which requires paper ballots and audits.
-
Risk & Repeat: What do Google's AI principles mean for cybersecurity?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Google's new principles for artificial intelligence and how they may impact the use of AI for cybersecurity.
-
Risk & Repeat: More trouble for federal cybersecurity
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent federal cybersecurity report, which found the majority of agencies have significant security gaps.
-
Risk & Repeat: Are ICS threats being overblown or ignored?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss dangers to critical infrastructure in the wake of a new report on the threat actors behind the Trisis malware.
-
Risk & Repeat: Breaking down the Efail flaws
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Efail vulnerabilities in PGP and S/Mime protocols, as well as the rocky disclosure process for the flaws.
-
Risk & Repeat: Why Ray Ozzie's Clear proposal isn't so clear
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Ray Ozzie's solution for going dark, known as Clear, and what infosec experts are saying about it.
-
Risk & Repeat: Business email compromise on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise in business email compromise activity based on new data from the FBI's 2017 Internet Crime Report.
-
Risk & Repeat: RSAC 2018 recap, part two
In this week's Risk & Repeat podcast, SearchSecurity editors discuss more trends and takeaways from RSA Conference 2018, from incident response services to AI and automation.
-
Risk & Repeat: Hacking back, GDPR and more from RSAC
In this week's Risk & Repeat podcast, SearchSecurity editors discuss some of the major themes and debates from RSA Conference, from hacking back to GDPR compliance.
-
Risk & Repeat: Breaking down the Verizon DBIR 2018
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the '2018 Verizon Data Breach Investigations Report' and its findings about ransomware, phishing and more.
-
Risk & Repeat: RSAC 2018 trends focus on AI, blockchain
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the big questions ahead of RSA Conference 2018, as well as notable sessions and speakers scheduled for the event.
-
Risk & Repeat: New revelations in San Bernardino iPhone case
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the OIG report's findings on the FBI's effort to unlock the iPhone of one of the San Bernardino terrorists.
-
Risk & Repeat: IBM Think 2018 highlights AI, blockchain
In this week's Risk & Repeat podcast, SearchSecurity editors recap IBM Think 2018 and discuss Watson's Law and Big Blue's pledge to keep user data safe from misuse and exposure.
-
Risk & Repeat: OURSA takes RSA Conference to task
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the emergence of OURSA to highlight diversity and the RSA Conference's lack of female keynote speakers.
-
Risk & Repeat: Assessing the Memcrashed attacks
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Memcrashed exploit and the recent trend of record-setting DDoS attacks against enterprises.
-
Risk & Repeat: Trustico certificate drama a cause for concern
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how a controversial move by reseller Trustico led to 23,000 Symantec SSL certificates being revoked.
-
Risk & Repeat: Is the cyberthreat landscape shifting to cryptomining?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how new attacks, like cryptojacking, may be supplanting previous top cyberthreats, such as ransomware.
-
Risk & Repeat: Intel bug bounty tackles side channel attacks
In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre.
-
Risk & Repeat: Cyberinsurance market gets a shake-up
In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new industry partnership designed to give Apple and Cisco customers beneficial cyberinsurance policies.
-
Risk & Repeat: Cryptomining malware on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the threat of cryptomining malware is evolving and what it means for enterprises and infosec vendors.
-
Risk & Repeat: Meltdown and Spectre mitigation efforts stumble
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Meltdown and Spectre mitigations efforts and why they're struggling with bad updates and miscommunication.
-
Risk & Repeat: Backdoor access, strong encryption debate rolls on
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the FBI's continued criticism of encrypted devices and the risks of vendor-created backdoor access points.
-
Risk & Repeat: Let's Encrypt certificates offer pros, cons
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Let's Encrypt certificates and weigh the positives and negatives the free certificate authority provides.
-
Risk & Repeat: Meltdown and Spectre vulnerabilities shake industry
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the discovery of the Meltdown and Spectre vulnerabilities and their effect on information security.
-
Business threat analytics: How does real-time data impact results?
Explore the top things you should know about real-time analytics with Johna Till Johnson and learn how it reduces false positives detected in your system on a daily basis.
-
Risk & Repeat: The TLS 1.3 clock continues to click
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the long wait for TLS 1.3 and the effects -- positive and negative -- the delays have had for enterprise security.
-
Risk & Repeat: Cybersecurity predictions for 2018
In this week's Risk & Repeat podcast, SearchSecurity editors offer their cybersecurity predictions for 2018, including forecasts for cryptojacking, DDoS attacks and other threats.
-
Risk & Repeat: Cryptojacking looms amid the bitcoin boom
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rising threat of cryptojacking and how hackers can steal computing power from unsuspecting users.
-
Risk & Repeat: The Bitcoin boom and its infosec effects
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent bitcoin boom and how the cryptocurrency's rising value could affect the cybersecurity landscape.
-
Risk & Repeat: Analyzing the accidental data breach
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise of accidental data breaches following a series of enterprise exposures of user data online.
-
Risk & Repeat: Uber data breach has implications for infosec
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Uber data breach, which was concealed by company officials, and the ethics of data breach disclosure.
-
Risk & Repeat: Vulnerabilities Equities Process gets an update
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the new charter for the Vulnerabilities Equities Process and what it means for the infosec community.
-
Risk & Repeat: App store security measures falling short
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent discovery of a fake WhatsApp app in the Google Play Store and what that means for app store security.
-
Risk & Repeat: Sale of Symantec Website Security completed
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the sale of Symantec Website Security to DigiCert and what it means for Symantec's troubled certificate business.
-
Risk & Repeat: Responsible encryption ramps up
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent push from law enforcement officials for responsible encryption and what that may mean.
-
Risk & Repeat: Is vulnerability marketing problematic?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss vulnerability marketing and compare how the recent KRACK attack and ROCA flaw were publicized and promoted.
-
Risk & Repeat: DEFCON tackles voting machine security
In this week's Risk & Repeat podcast, SearchSecurity editors discuss DEFCON's efforts to improve voting machine security in the wake of hacking threats during the 2016 election.
Photo Stories
-
The evolution of MFA security tokens
-
Is FIDO authentication the future of online authentication products?
-
Slideshow: Five common Web application vulnerabilities and mitigations
-
Mobile security survey 2012 audio slideshow
Videos
-
AI security concerns keeping infosec leaders up at night
-
Telework security requires meticulous caution, communication
-
Where does security fit into SDLC phases?
-
Security behavioral analytics: The impact of real-time BTA
-
The OSI model layers explained: Get to know the network
-
As privacy requirements evolve, CISSPs must stay informed