Shows
The Everyday Jiu Jitsu PodcastThe Everyday Jiu Jitsu Podcast Ep 85: The Junny Lock Feat. Edwin “Junny” OcasioEdwin “Junny” Ocasio is a BJJ black belt under Murilo Santana and represents Unity Jiu-Jitsu Academy in New York. He is an IBJJF No Gi World, Pan, and European Champion, and is known for his unique leg entanglements and attacks. We discuss his recent success winning some major IBJJF titles, his pre-fight rituals, and we take a deep dive into his signature submission “The Junny Lock”.Please leave a review, subscribe, like, share, and comment if you can. It really helps to grow the show!Junny’s Instagram:@junny_bjj Junny’s Content:...
2024-12-041h 03
Cyber BitesCyber Bites - 15th November 2024* Google Pixel AI-powered Features To Combat Scam Calls* Apple's New Security Feature: Automatic Reboots to Protect Data* Massive Data Leak Exposes Employee Information from Over 25 Companies* Bitdefender Releases Free Decryptor for ShrinkLocker Ransomware* New Phishing Campaign Uses Fake Copyright Claims to Spread Malware This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-11-1405 min
AppSec UnlockedS1E9 - Open-Source Vulnerability Management Policy: A Balanced ApproachSeason 1: Open Source Security
Episode 9: Open-Source Vulnerability Management Policy: A Balanced Approach
In today's rapidly evolving cybersecurity landscape,
managing vulnerabilities in open-source components has become increasingly
complex. While traditional approaches relying solely on CVSS scores have their
merits, they may not be sufficient to address the exponential growth in
discovered vulnerabilities. A more nuanced and scalable approach is needed, one
that considers not only severity but also exploitability and potential impact.
2024-11-1109 min
Cyber BitesCyber Bites - 8th November 2024* Cloud Security Concerns Surge in APAC as Data Breaches Remain High* AI-Powered Scams: A Growing Threat* Western Sydney University Suffers Major Data Breach* New FakeCall Malware Targets Android Users for Financial Fraud* UK Regulator Warns Financial Firms After CrowdStrike Outage* OWASP Releases GenAI Security Guidelines This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-11-0709 min
Cyber BitesOpen-Source Vulnerability Management Policy: A Balanced ApproachThis episode is a replay from our sister podcast AppSec UnlockedIn today's rapidly evolving cybersecurity landscape, managing vulnerabilities in open-source components has become increasingly complex. While traditional approaches relying solely on CVSS scores have their merits, they may not be sufficient to address the exponential growth in discovered vulnerabilities. A more nuanced and scalable approach is needed, one that considers not only severity but also exploitability and potential impact. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus...
2024-11-0409 min
AppSec UnlockedS1S8 - A Cautionary Tale on Supply Chain Attacks: My Recent Encounter with a Compromised NPM LibrarySeason 1: Open Source Security
Episode 8: A Cautionary Tale on Supply Chain Attacks: My Recent Encounter with a Compromised NPM Library
This is a rebroadcast from the CyberBites podcast as it is related to application security and open source supply chain.
2024-11-0405 min
Cyber BitesYour Site Was Hacked, and You Never Knew About It: My Real-Life Encounter with a Supply Chain AttackAn out of band update on my real life encounter with a supply chain attack This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-11-0105 min
Cyber BitesCyber Bites - 1st November 2024* AI Transcription Tool "Whisper" Creates Fabricated Text, Raising Concerns in Healthcare and Beyond* Massive UN Data Leak Exposes Personal Information of Violence Against Women Victims* Mandiant Report: Exploited Vulnerabilities Reach Record Lows in Time to Patch, But Zero-Days on the Rise* Fake Browser Update Malware Targets WordPress Sites via Malicious Plugins* Large-Scale Operation Steals Cloud Credentials from Exposed Git Repositories This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-10-3107 min
Cyber BitesCyber Bites - 25th October 2024* Anthropic's New AI Can Interact with Computers, Raising Safety Concerns* Internet Archive Hit Again: Exposed Tokens Lead to Zendesk Email Breach* Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor* Half of Businesses Underestimate SaaS Security Risks, Culture Blamed* Cyber Skills Gap Widens, Nearly 90% of Businesses Link Breaches to Lack of Expertise This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-10-2405 min
AppSec UnlockedS1E7 - Introduction to SSVCSeason 1: Open Source Security
Episode 7: Introduction to StakeholderSpecific
Vulnerability Categorization (SSVC)
Introduction to a transformative risk-based approach to vulnerability management
Why SSVC, especially when we already have CVSS
How SSVC works and how to use it
Challenges and considerations
Real-world example
2024-10-2109 min
Cyber BitesCyber Bites - 18th October 2024* North Korean Hackers Target Tech Job Seekers with Fake Interviews and Malware* Internet Archive Hack Exposes Data of 31 Million Users* Australian Government Introduces Sweeping Cybersecurity Bill* Smart TVs: A Privacy Nightmare Fueled by Data Harvesting and Invasive Ads* iPhone Mirroring at Work Exposes Private App Data to Employers This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-10-1708 min
Cyber BitesCyber Bites - 11th October 2024* Ecovacs Robot Vacuums Collect Home Images for AI Training, Raising Privacy Concerns* Deepfakes on the Rise: Threatening Trust and Security* Meta Ray-Ban Glasses Hacked into Real-Time Facial Recognition Tool* Apple Patches Privacy Bugs in iOS 18: Passwords Read Aloud and Early Voice Message Recording* Cloudflare Mitigates Record-Breaking 3.8 Tbps DDoS Attack This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-10-1008 min
AppSec UnlockedS1E6 - Software Composition Analysis Selection CriteriaSeason 1: Open Source Security
Episode 6: Software Composition Analysis Selection Criteria
The Language of Love (and Code)
Accuracy: The Goldilocks Zone
Speed: Because Time is Money (and Sanity)
Remediation: The Path of Least Resistance
User-Friendly: No Computer Science Degree Required
Timing is Everything
The Never-Ending Story
2024-10-0707 min
Cyber BitesCyber Bites - 4th October 2024* CISA Boss Calls for More Secure Software Development* NIST Proposes Sweeping Changes to Password Policies: Mandatory Resets and Character Rules Out* Critical Vulnerability Found in Nvidia Container Toolkit* Remote Code Execution Flaw Found in CUPS Printing System (Limited Impact)* Privacy Group Claims Mozilla's "Privacy-Preserving" Feature Tracks Users* ServiceNow Outage Caused by Expired Root CertificateSpecial Thanks to Justin Butterfield once again for contributing some of the interesting stories for this week’s cyber bites. This is a public episode. If you would li...
2024-10-0308 min
Cyber BitesCyber Bites - 27th September 2024* CISA and FBI Urge Software Makers to Eliminate Cross-Site Scripting Vulnerabilities* Paying Ransomware Doesn't Guarantee File Recovery, Even With Decryptor* US Dismantles Chinese Government-Linked Botnet Targeting Hundreds of Thousands of Devices* Clever 'GitHub Scanner' Campaign Abusing Repos to Push Malware* Australian Government Suffers Surge in Cyber Attacks, Social Engineering Most Common TacticSpecial Thanks to Justin Butterfield once again for contributing some of the interesting stories for this week’s cyber bites. This is a public episode. If you would like to di...
2024-09-2607 min
AppSec UnlockedS1E5 - Embarking on the Open Source Security JourneySeason 1: Open Source Security
Episode 5: Embarking on the Open Source Security Journey.
When Organisations Take the Leap
The Crucial Role of Awareness and Buy-in
The First Steps: Gaining Visibility
Key Takeaways for a Successful Program
Practical Steps and Resources
2024-09-2307 min
Cyber BitesCyber Bites - 20th September 2024* Millions of Devices at Risk as Microsoft and Google Disable Insecure Email Login Method* Cybersecurity Giant Fortinet Confirms Data Breach, Downplays Impact* New Laws Target Banks, Telcos and Tech Giants in Fight Against Scams* Online Voucher Scam Targets Sydney Restaurants Using Square POS* TfL Staff Face In-Person Password Resets After CyberattackSpecial Thanks to Justin Butterfield once again for contributing some of the interesting stories for this week’s cyber bites. This is a public episode. If you would like to discuss this with other subscribers or...
2024-09-1909 min
Cyber BitesCyber Bites - 13th September 2024* AI-Powered Voice Cloning Scams on the Rise* Cyberattack Disrupts Transport for London Services* Typosquatting Threatens Developers: Malicious Code in GitHub Actions* New Supply Chain Attack Hijacks Removed PyPI Packages* White House Aims to Strengthen Internet Routing Security This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-09-1214 min
AppSec UnlockedS1E4 - 5 Steps for Securing Your Open Source Supply ChainSeason 1: Open Source Security
Episode 4: 5 Steps for Securing Your Open Source Supply Chain
Most modern applications are assembled from open-source components with developers typically writing less than 15% of the code for their application. Here are the 5 Steps for securing your open source supply chain.
Step 1: Maintain a Software Bill of Materials (SBOM)
Step 2: Perform Due Diligence - Scan for Vulnerabilities
Step 3: Have a Centralized Artifact Repository - Use Only Approved Software
Step 4: Always Use Latest - Don't Use Stale Components
2024-09-0910 min
Cyber BitesCyber Bites - 6th September 2024* Singapore's Consumer Watchdog Fined for Data Breaches, Failed to Secure Consumer Information* Research Study: What's The Worst Place to Leave Your Secrets* Critical Infrastructure Under Threat: Zero-Day Vulnerability Exploited to Spread Mirai Botnet* Banks Under Fire for Inadequate Scam Protection as Victims Suffer* FIDO Security Token YubiKey 5 Vulnerable to Cloning Attacks* Critical Vulnerability Found in Airport Security SystemSpecial Thanks to Justin Butterfield for contributing some of the interesting stories for this week’s cyber bites. This is a public episode. If yo...
2024-09-0509 min
Cyber BitesCyber Bites - 30th August 2024* Cybersecurity: The Need for a Wake-Up Call* Digital Banks: Boon for Customers, Target for Scammers?* ASD Warns of Phishing Emails Targeting Australians* New Guidance Released on Best Practices for Event Logging and Threat Detection* Local Networks Exposed: A Flaw in Domain Naming Creates Security Nightmare This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-08-2906 min
AppSec UnlockedS1E3 - How Secure Is Open Source SoftwareSeries 1: Open-Source Security
Episode 3: How Secure Are Your Open Source Software
Get ready for an eye-opening episode that could change the way you think about the building blocks of modern applications.
The Open-Source Paradox
The Security Controls Gap
The Open-Source Enigma
The Due Diligence Disparity
The Cost of Insecure Open Source: A Walk Down Memory Lane
Best Practices for Secure Open-Source Usage
2024-08-2610 min
Cyber BitesCyber Bites - 23rd August 2024* Thousands of Websites Exposed AWS Credentials, Leading to Large-Scale Extortion Campaign* Mac Users Beware: Microsoft Apps May Have Allowed Hackers to Spy on You* Ransomware on Track for Record Year Despite Fewer Victims Paying* FlightAware Data Breach Exposes User Information for Years* GitHub Actions Exposing Authentication Tokens in Popular Open-Source ProjectsSpecial Thanks to Justin Butterfield once again for contributing some of the interesting stories for this week’s cyber bites. This is a public episode. If you would like to discuss this with ot...
2024-08-2210 min
Cyber BitesCyber Bites - 16th August 2024* Background Check Company National Public Data Hit by Massive Data Breach Affecting Nearly 3 Billion People* Trojan Malware Campaign Hijacks Browsers, Steals Data of Over 300,000 Users (https://reasonlabs.com/research/new-widespread-extension-trojan-malware-campaign)* Australian Gold Miner Evolution Hit by Ransomware Attack* Critical Browser Flaw Exposes Local Networks to Attack via "0.0.0.0"* Hackers Breaches Educational Security Software Company and Wipes 13,000 students’ iPads and Chromebooks This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-08-1507 min
AppSec UnlockedS1E2 - Do Your Applications Have A Software Bill of Materials?Season 1: Open Source Security
Episode 2: Do Your Applications Have A Software Bill of Materials?
“Oh, I didn’t realise we were exposed to as I didn’t think that application was using .”
I often heard such comments during the initial stages of our application security uplift. There was a lack of visibility on what open-source components applications relied on. Developers were often surprised, and sometimes in disbelief, as most of these vulnerable software components weren’t listed as application dependencies; they were transitive dependencies.
In this episode we're diving into...
2024-08-1213 min
Cyber BitesCyber Bites News - 9th August 2024* Australia to Mandate Ransomware Payment Disclosure* Hackers Abuse Free Cloudflare Tunnels to deliver Remote Access Trojans* Stack Exchange Used by Threat Actors to Promote Malicious Open Source Components* Hackers Poison Software Updates Through ISP Breach This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-08-0804 min
Cyber BitesCyber Bites News - 2nd August 2024* New Podcast Aims to Unlock Secrets of Application Security* SBOMs: A Crucial Tool Hampered by Standardization Issues* Mysterious Rings and QR Codes: The Emergence of Brushing Scams* France Battles Cyberespionage Ahead of Olympics* GitHub's Dark Secret: Deleted Data Never Really Dies This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-08-0109 min
AppSec UnlockedS1E1 - You're Using More Open-Source Than You RealizeSeason 1: Open Source Security
Episode 1: You're Using More Open-Source Than You Realise
We're diving into a topic that might surprise you: "You're Using More Open-Source Than You Realize." Get ready for an eye-opening episode that could change the way you think about your applications.
• The Open-Source Reality Check
• Real-World Example: The Log4j Wake-Up Call
• The Rise of AI in Development
• The Exponential Growth of Open-Source Usage
• The Log4j Saga Continues
• Why Are We Still at Risk?
• The Hidden Costs of Open-Source
• Best Practices for Managing Open-Source
2024-07-3010 min
AppSec UnlockedIntroductionWelcome to AppSec Unlocked, the podcast that's all about
demystifying application security and empowering developers and security professionals alike. I'm your host, Edwin Kwan, and I'm thrilled to kick off this exciting journey with you.
What is AppSec Unlocked?
AppSec Unlocked is your key to understanding the complex world of application security. Whether you're a seasoned security professional, a curious developer,
or somewhere in between, this podcast is designed to provide you with actionable insights, expert interviews, and the latest trends in the rapidly evolving field of application security.
2024-07-2905 min
Cyber BitesCrowdStrike Incident - Lessons Learned In DevSecOps and BCPThe recent CrowdStrike update that led to a global IT outage and the infamous Blue Screen of Death (BSOD) on millions of Windows machines. This incident has brought to light critical lessons in DevSecOps and the importance of Business Continuity Planning (BCP). Joining me today is a very special guest, Denny Wan who is the Founder of the Reasonable Security Institute, an expert in cybersecurity and risk quantification. We’re going to speak about lessons learned in DevSecOps and BCP and get his thoughts and insights.A video recording of the interview is also available be...
2024-07-2728 min
Cyber BitesCyber Bites News - 26th July 2024* Hackers Capitalize on CrowdStrike Outage with Phishing and Malware Attacks* Massive Data Breach at Australian Prescription Service MediSecure* 20 Million Domains at Risk from New Email Spoofing Attacks* Google U-Turns on Third-Party Cookie Phaseout* North Korean Hacker Poses as IT Worker in Attempted Cyberattack This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-07-2511 min
Cyber BitesThoughts on CrowdStrike IncidentAre there a lot more assumed trust in global cybersecurity vendors that security professionals assess them with less rigor compared to other vendors? This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-07-2406 min
Cyber BitesCyber Bites News - 19th July 2024This week, we'll be covering five major stories:1. AT&T's massive data breach affecting 109 million customers2. Key findings from the 2024 SANS SOC Survey3. Cloudflare's report on the rapid exploitation of vulnerabilities4. A new ransomware gang targeting unpatched Veeam software5. A leaked GitHub token that exposed Python to potential tampering This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-07-1809 min
Cyber BitesCyber Bites News - 12th July 2024This week we're looking at leaked Ticketmaster tickets, major security flaw affecting almost every Apple Device, booking.com scams, US government failure to investigate SolarWinds and Hackers having second thoughts after crippling Indonesian government systems.* Hackers Leak Ticketmaster Print-at-Home Tickets, Threatening Fans and Event* Major Security Flaw in CocoaPods Exposes Millions of Apple Devices to Supply Chain Attacks* Booking.com Scams: How to Avoid Getting Stung During Vacation Booking* US Govt Board Failed to Investigate Major Cyberattack Despite Presidential Order* Hackers Apologize After Crippling Indonesian Government Systems, Release Encryption Key This is...
2024-07-1111 min
Cyber BitesYou're Using More Open-Source Than You RealizeMy recent conference presentation on open-source security revealed a common theme. Audience members didn’t realize how pervasive open-source is. Everyone in the audience knew that their organization uses a fair number of open-source components, but they thought that it only makes up a small percentage of their applications, at around 30% or less. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
2024-07-0503 min
BJJ Mental ModelsEp. 268: When to Optimize, feat. Edwin "Junny" OcasioThis week we're joined by Edwin "Junny" Ocasio! Fresh off his first world championship win, Junny joins us to expand on a conversation he had with Emily Kwok on The Highest Levels (an ongoing BJJMM Premium podcast).In this episode, Junny explains how he thinks about optimization, when to dig deeper into optimizing an area of his game, and how to avoid over-optimizing.Follow Junny on Instagram:https://www.instagram.com/junny_bjjSubscribe to Junny's YouTube channel:https://www.youtube.com/c/junnyocasioGet Junny's instructionals on BJJ F...
2024-01-221h 07
It's 5:05! Daily cybersecurity and open source briefingPoV Friday: 2024 Predictions for AI and Cyber Legislation with Trac Bannon, Edwin Kwan, Olimpiu Pop, and Shannon Lietz It's January 12th, 2024, and time for Point of View Friday, where we cover a single topic from multiple perspectives. Today's point of discussion is what does the future look like for AI and cyber legislation? We have perspectives from Edwin Kwan in Sydney, Australia, Trac Bannon and Camp Hill, Pennsylvania, Olympia Pop from Transylvania, Romania. We'll begin with Shannon Lietz in San Diego, California on the Win, Lose or Draw when considering cyber legislation. Resources and 300+ episodes, all free, all ungated:https://505updates.com/
2024-01-1212 min
It's 5:05! Daily cybersecurity and open source briefingPoV Friday: 2024 Predictions for AI with Edwin Kwan, Trac Bannon, Olimpiu Pop and Shannon LietzFrom @Sourced Network Productions, It's 5:05!, the Podcast , with your daily cybersecurity and opensource news headlines. 🎙️ Free, ungated access to 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: bit.ly/505-updatesIt’s January 5, 2024, and time for Point of View Friday, where we cover a single topic from multiple perspectives. Today’s point of discussion is “What does the near future look like for AI, what should you consider when utilizing AI for your personal use or business solution?”Today’s contributors are Trac Bannon from Camp Hill Pennsylvania, Olimpiu Pop from Transylvania Romania, Shannon Lietz from San Diego...
2024-01-0515 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #304: Edwin Kwan: Google Chrome Safety Check Feature Enhancements; Shannon Lietz: EU CRA: Win | Lose | Draw; Olimpiu Pop: Year in Review: Ukraine and the cyberwar; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 31st, 1999. The world waits in anticipation of the year 2000 and the potential disasters that might be brought about by the Y2K bug. Just for fun, I set up my home with a remote control to turn off all the lights in my house and the TV our friends would be watching at our New Year's Eve party. Seconds after mid...
2023-12-2914 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #303: Edwin Kwan: Chrome Users Infected via Fake VPNs in Video Game Torrents; Ian Garrett: 6 Key Aspects of SEC Rules for Data Breaches; Olimpiu Pop: Cybersecurity Legislation (CRA, US Legislation); Marcel Brown: This Day in Tech HistoryFree, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 28th, 1895. The world's first projected movie screening takes place at the Salon Indien du Grand Café in Paris, France. 33 people attend at the admission price of 1 franc each to view 10 films at about 50 seconds each.Edwin Kwan: Three malicious Chrome extensions disguised as VPNs infected approximately 1. 5 million users. The extensions - netPlus, netSafe, and netWin - were distributed thr...
2023-12-2809 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #302: Edwin Kwan: Developers Ignore Critical Flaw in Apache Struts 2 Framework; Hillary Coover: The Quantum Computing Revolution and Global Security; Olimpiu Pop: 2023 in Review: AI Legislation; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 27th, 1968. Apollo 8 splashes down in the Pacific Ocean, ending the first manned orbit of the moon. When the spacecraft hit the water, the parachutes dragged it over and left it upside down. Because they were being buffeted by 10 foot swells, astronaut Frank Borman actually got sick and vomited. Welcome back to Earth, Frank.Edwin Kwan: A critical remote code...
2023-12-2709 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #301: Edwin Kwan: Critical Vulnerability Threatens SSH Security; Hillary Coover: National Grid Removes China-Based Supplier's Components; Ian Garrett: Ransomware Evolves to Extortionware Threat; Olimpiu Pop: 2023 in Review: Cybersecurity and the Supply Chain; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 25th, 1990. Merry Christmas, everyone. Tim Berners Lee, a British scientist working at the European Organization for Nuclear Research, otherwise known as CERN, along with his associate, Robert Kaliau, were operating the first web server, info.cern.Ch, and first web browser slash editor, World Wide Web, which were reportedly able to communicate over the internet by this date.Edwin Kwan...
2023-12-2614 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #300: Edwin Kwan: SMTP Smuggling ByPasses Email Security Controls; Hillary Coover: Researchers Seek to Unmask Hackers Through Code Analysis and AI; Marcel Brown: This Day in Tech History; Katy Craig: CISO Accountability: Framework for Compliance; Trac Bannon: CISO Accountability: The buck stops… where?; Olimpiu Pop: CISO Accountability: Compliance is not SecurityFree, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 22nd, 1882. Edward Johnson, an associate of Thomas Edison, has walnut sized bulbs made specifically for him to wire his Christmas tree with electric light. The eighty red, white, and blue bulbs formed the first set of electric Christmas tree lights in history.Edwin Kwan: A recently discovered SMTP smuggling technique is allowing cyber attackers to sidestep email security p...
2023-12-2216 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #299: Edwin Kwan: Terminated Bank Cloud Engineer Sabotages Systems; Hillary Coover: Unauthorized Access to MongoDB Corporate Systems; Ian Garrett: Insights from the Microsoft Digital Defense Report 2023; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 295+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Edwin Kwan: A former cloud engineer at a bank was terminated for violating company policies, including inappropriate laptop use. After he was fired, the employee went home and used a company issued laptop to launch attacks on the bank's network. Hillary Coover: Database management company MongoDB is currently investigating a security incident that has led to the exposure of some customer info...
2023-12-2106 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #298: Edwin Kwan: Ubiquiti User Accounts Suffer Data Breach; Katy Craig: Xfinity Acknowledges 36 Million Customer Accounts Breached; Hillary Coover: L.L. Bean's Surprising Stance on Data Privacy; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 295+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 20th, 1996. In a surprise move at the time, Apple Computer announces their intention to purchase Steve Jobs' company, NeXT, and bring Steve Jobs on board as an advisor to CEO Gil Amelio. Along with the leadership of future CEO Steve Jobs, the resurgence of Apple in the 2000s, and the emergence of the new world of technology can be traced bac...
2023-12-2009 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #297: Edwin Kwan, My Personal Experience with SMS Impersonation Scams; Hillary Coover, Europe Probes Elon Musk's X Over Disinformation Handling; Ian Garrett, Cybersecurity, Artificial Intelligence, and Nuclear weapons, Oh my!From @Sourced Network Productions, @It's 5:05!, the Podcast , with your daily #cybersecurity and #opensource news headlines. 🎙️ Free access to 280+ episodes of “It’s 5:05!” on your favorite #podcast platforms: bit.ly/505-updatesIn this episode: Marcel Brown: This day in Tech HistoryDecember 19th, 1974. Micro Instrumentation and Telemetry Systems, otherwise known as MITS, begins selling the Altair 8800 microcomputer kit. It is one of the most important computers in history, for it inspired the first generation of entrepreneurs that created the personal computer industry.Edwin Kwan: My Personal Experience with SMS Impersonation ScamsI was rec...
2023-12-1910 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #296: Edwin Kwan: 38% of Apps Still Exposed to Log4J Vulnerability; Katy Craig: Is My Phone Spying on Me?; Hillary Coover: Foreign Geographic Software Poses National Security Threats; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 295+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 17th, 1903. Orville and Wilbur Wright make their famous first controlled and sustained flights with a heavier than air, powered aircraft. Orville made the very first flight, which lasted about 12 seconds. Edwin Kwan: It's been almost three years since the critical Log4j vulnerability was disclosed. Despite patches being available shortly after vulnerability disclosure, many organizations persistently u...
2023-12-1810 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #295: Edwin Kwan: Apple Beta Testing Stolen Device Protection Feature; Marcel Brown: This Day in Tech History; Katy Craig: EU AI Act: Significant Milestone in AI Regulation; Trac Bannon: EU AI Act: Does it Leave U.S. in the Dust?; Shannon Lietz: EU AI Act: Win, Lose, or Draw?; Olimpiu Pop: EU AI Act: A Baseline for RegulationFree, ungated access to all 295+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 16, 2003. The CAN SPAM Act of 2003 is signed into United States law. Passed in an attempt to control the growing deluge of junk email, the law's effectiveness is dubious at best. Especially considering political spam is exempt from the law.Edwin Kwan: Apple will soon be introducing a stolen device protection feature, which is aimed at enhancing security if an...
2023-12-1517 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #294: Edwin Kwan: Over 50% Insider Attacks Involve Privilege Elevation Exploits; Katy Craig: Malware Deployment Strategy against Adobe ColdFusion; Ian Garrett: Where Will Cyber Leaders Focus on AI in 2024; Marcel Brown: This Day in Tech History Free, ungated access to all 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 14th, 1902. The cable ship Silvertown begins laying the first Transpacific telegraph cable from San Francisco, destined for Honolulu, Hawaii. On January 1st, 1903, the connection between Hawaii and San Francisco was established.Edwin Kwan: A research study based on data from January 2021 to April 2023 shows a rise in insider threats, with 55% relying on privilege escalation exploits and the remaining 4...
2023-12-1409 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #293: Edwin Kwan: Messenger and Facebook: Default End to End Encryption; Hillary Coover: Campaign Targets Taiwan Elections with Stolen Identities and Disinformation; Katy Craig: North Korea’s Lazarus Still Exploiting Log4j; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 16, 2016. After a long delay, Apple finally releases their new wireless earbuds, the Apple AirPods. Within two years, they became Apple's most popular accessory, and today are some of the most popular and well recognized earbuds in the market. Hillary Coover: A covert campaign dating back to May 2022 is distorting conversations about Taiwan's upcoming elections. The Graphika report exposes...
2023-12-1308 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #292: Edwin Kwan: 5Ghoul Vulnerabilities Affecting Most 5G Smart Phones; Katy Craig: P2PInfect: Evolving to Target Routers and IoT Devices; Ian Garrett: That Job Candidate Might Be a Hacker; Mark Miller: This Day in Tech HistoryFree, ungated access to all 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Mark Miller: December 12th, 1980. Apple computer holds their initial public offering selling 4.6 million shares at $22 per share, and turning more than 40 Apple employees and investors into instant millionaires. Edwin Kwan: A set of 14 security vulnerabilities named "5Ghoul" has been discovered in the firmware implementation of 5G mobile network modems from major chipset vendors like MediaTek and Qualcomm. The flaw impacts USB and IoT...
2023-12-1208 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #291: Edwin Kwan: Critical Vulnerabilities Affect Multiple Atlassian Products; Hillary Coover: Russian Deepfake: Celebrities Used in Disinformation Against Ukraine; Mark Miller: Gemini: A fake it till you make it demo by Google; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 11th, 2008. Google releases the first stable, public version of their new web browser, Chrome. By 2013, Chrome had bypassed Microsoft's Internet Explorer and Mozilla Firefox to become the most popular web browser in the world, and is still considered so today.Edwin Kwan: Atlassian has issued an email warning customers of four critical vulnerabilities, each rated 9.0 or higher. Conflue...
2023-12-1108 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #290: Edwin Kwan: Bluetooth Authentication Bypass Vulnerability in Apple and Linux; Marcel Brown: This Day in Tech History; Trac Bannon: OWASP BOM Maturity Model: Is It Valuable?; Katy Craig: OWASP BOM Maturity Model: A Benefit for Consumers; Olimpiu Pop: OWASP BOM Maturity Model: Is it too soon?; Shannon Lietz: OWASP BOM Maturity Model: Win, Lose, or Draw?Free, ungated access to all 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 8th, 1975. Paul Terrell opens the Byte Shop in Mountain View, California, one of the first retail computer stores in the world. Paul Terrell and the Byte Shop are most famously known for ordering the first 50 computers from Steve Jobs and Steve Wozniak's fledgling Apple Computer Company in 1976.Edwin Kwan: A Bluetooth authentication bypass vulnerability has been discovered to be im...
2023-12-0817 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #289: Edwin Kwan: Malicious Wordpress Plugin Issues Fake Security Advisories; Katy Craig: Feds surveilling us via push notifications; Mark Miller: Special Report: ChatGPT Isn’t the Only AI Game in Town; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 285+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 7, 1999. The Recording Industry Association of America sues the peer to peer file sharing service Napster, alleging copyright infringement for allowing users to download copyrighted music for free. The recording industry in general was caught with its pants down when it came to digital music and the internet.Edwin Kwan: WordPress administrators are being targeted by a fake security advisory...
2023-12-0713 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #288: Edwin Kwan: WhatsApp Updates Password Security; Katy Craig: AI Alliance to Compete with Closed Source LLMs; Hillary Coover: 23andMe: Guard Your DNA Data, Protect Your Family; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 285+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 6, 1994. Apple sues the San Francisco Canyon Company, alleging they helped Intel and Microsoft steal code developed under contract for QuickTime for Windows. Apple was threatening Microsoft with a multi-billion dollar lawsuit that was famously settled by Steve Jobs and Bill Gates in 1997. This settlement is now believed to have helped Apple survive long enough to transform themselves in the 2000s, ush...
2023-12-0610 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #287: Edwin Kwan: Mandatory Data Breach Notification Coming to Queensland; Ian Garrett: Deepfakes: A Growing Concern for 2024 Election Security; Katy Craig: A Prickly CACTUS: Ransomware to Encrypt and Exfiltrate Data; Mark Miller: This Day in Tech HistoryFree, ungated access to all 285+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Mark Miller: December 5th, 1965. The first PhD dissertation in computer science is presented. Richard L Wexelblat was the first candidate in a computer science program to complete a dissertation. Wexelblat's diploma presented by the University of Pennsylvania, the home of ENIAC, was the first one to carry the designation, "Computer Science". Ian Garrett: Enhancements to AI platforms have been incredible for the...
2023-12-0509 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #286: Edwin Kwan: Discovered Zoom Vulnerability Allows Account Hijacking; Katy Craig: LogoFAIL: New UEFI Vulnerabilities Threaten Device Firmware Security; Hillary Coover: Secure Shopping Strategies: Navigating the Peak Season with Virtual Credit Cards; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 285+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 3rd, 2001. Inventor Dean Kamen unveils the Segway self-balancing battery-powered vehicle on the TV show Good Morning America. The Segway uses computers and motors in its base to keep itself upright while the user is riding it. While the original Segway was not considered a commercial success, it definitely became a familiar icon of personal transportation. Edwin Kwan: Security resea...
2023-12-0409 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #285: Edwin Kwan: Apple Releases Emergency Zero-Day Security Updates; Macrel Brown: This Day in Tech History; Katy Craig: AI Guidelines: US and EU Release Secure AI System Development Guidelines; Olimpiu Pop: AI Guidelines: Can governments protect us from AI?; Trac Bannon: AI Guidelines: Can CISA and her partners keep up the pace?Free, ungated access to all 285+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 1st, 1996. America Online launches a new subscription plan offering their subscribers unlimited dial up internet access for $19.95 a month. Previously, AOL charged $9.95 a month for 5 hours of usage. The new plan brought in over 1 million new customers to AOL within weeks, and daily usage doubled among subscribers, to a whole 32 minutes per day.Edwin Kwan: Apple has urgently rel...
2023-12-0117 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #284: Edwin Kwan: Are We Sharing Too Much on LinkedIn?; Katy Craig: MITRE ATLAS: Mapping Security Vulnerabilities in AI; Ian Garrett: The Two Faces of Cybersecurity Investing; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 280+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 30th, 2009. Book retailer Barnes Noble releases their first Nook eReader to compete with the highly successful Amazon Kindle, released two years earlier. Edwin Kwan: Are we sharing too much on LinkedIn? Daniel Barbosa from WeLiveSecurity recently published an article on the potential risks associated with the wealth of personal information shared on LinkedIn, which is the world's largest profe...
2023-11-3009 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #283: Edwin Kwan: Australian Banks Begin Blocking Transfers to Suspect Accounts; Katy Craig: Google’s Cybersecurity Forecast: The Growing Influence of AI; Hillary Coover: Hacker's Haven: Cocaine Infiltration Unveiled in Europe's Biggest Ports; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 280+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 29th, 1972. Atari introduces their first product, Pong, which would become the world's first commercially successful video game. Nolan Bushnell installed the game at Andy Capp's Tavern in Sunnyvale, California on this day. There were 10,000 machines installed within four months. Edwin Kwan: In 2023, Australians suffered over $400 million in losses due to scams. The actual figure is believed to be much higher...
2023-11-2913 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #282: Ian Garrett: Deprecation of Defender Application Guard for MS Office; Edwin Kwan: Open Source 3D Design Suite Targeted by DDoS; Katy Craig: US and UK: Joint Guidelines for AI System Security; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 280+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 28, 1948. Just in time for the Christmas shopping season, 57 units of the first commercial instant camera, the Polaroid Land Camera Model 95, go on sale at the Jordan Marsh Department Store in Boston. Polaroid believed that 57 units would be enough to last through Christmas.Edwin Kwan: Open Source Blender Project is being targeted by Distributed Denial of Service attacks resulting...
2023-11-2810 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #281: Edwin Kwan: OwnCloud App Suffers Three Critical Vulnerabilities; Katy Craig: AI-Enabled Autonomous Vehicles and Lethal Weapons; Hillary Coover: Debunking the Incognito Shopping Myth; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 280+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 27, 1995. Nearly six months to the day after Bill Gates sent his Internet Tidal Wave memo recognizing the importance of the Internet, and only three months after releasing version 1.0, Microsoft releases Internet Explorer 2.0 for Windows 95 and Windows NT 3.5.Edwin Kwan: Three critical vulnerabilities have been reported to affect OwnCloud, exposing users to potential data breaches. One of these flaws, with a m...
2023-11-2710 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #280: Edwin Kwan, Australia Shelves Plan To Ban Ransomware Payments; Trac Bannon, OpenAI:Should Camelot Be Restored?; Katy Craig, Sam Altman's Triumphant Return; Shannon Lietz, OpenAI and Microsoft: Win, Lose, or Draw?; Olimpiu Pop, OpenAI Opened the Window to the Future.🎙️ Free, ungated access to all 280+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates.Marcel BrownNovember 25, 2002. Digital media software company, Roxio, purchases the assets of the former Napster, including name, logo, domain name, technology portfolio, and other intellectual property. Roxio was the first company to attempt to use the Napster brand for a music service, renaming PressPlay as Napster 2.0.Edwin Kwan The Australian government has shelved plans to ban ransomware payments to cybercriminal groups for at least two years. The government had put the question to the industry in...
2023-11-2419 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #279: Edwin Kwan, Australian Government Releases New Cybersecurity Strategy; Ian Garret, Move Over Phishing, Quishing is the New Scam; Olimpiu Pop, Software Supply Chain Trends - Part 2🎙️ Free, ungated access to all 235+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. Marcel Brown, St. Louis, MissouriNovember 23rd, 2004. Blizzard Entertainment releases the massively multiplayer online role playing game, World of Warcraft. It quickly became the most popular MMORPG of all time. In the nearly 20 years since its release, World of Warcraft has had 9 major expansion packs, with 3 more expansion packs already planned for the future. Edwin Kwan, Sydney, Australia The Australian government has released its revised cybersecurity strategy for its plan to become a w...
2023-11-2310 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #278: Edwin Kwan: Canadian Government Impacted by Third Party Breach; Hillary Coover: COO Attacks Local Hospitals for Business Gain; Olimpiu Pop: Software Supply Chain Report: 245.000 malicious packages deployed; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 275+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 22, 2005. Microsoft releases the Xbox 360, the second generation of their popular game console. And on November 22, 2013, exactly 8 years later, Microsoft released the Xbox One, which makes absolutely no sense.Edwin Kwan: Two third party service providers for the Canadian government have suffered breaches resulting in data in the last 24 years being potentially compromised. The servers that were impacted by the br...
2023-11-2209 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #277: Edwin Kwan: Malicious Android Banking Apps Targeting Users in India; Ian Garrett: M&A Deals that Look into the Future of the Cybersecurity Industry; Katy Craig: SEC Sues SolarWinds: Part II; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 275+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 21st, 1877. Thomas Edison announces his invention of the phonograph, a way to record and play back sound. As often happens with many great inventors, Edison stumbled upon this particular invention while working on a way to record telephone communication at his lab in Menlo Park, New Jersey.Edwin Kwan: Security researchers have uncovered a malware campaign to steal se...
2023-11-2110 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #276: Edwin Kwan: Australia's First Cyber Security Coordinator Recalled; Katy Craig: SEC Sues SolarWinds for Misleading Investors; Hillary Coover: A New Breed of Cybercrime Targeting Teenage Boys; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 275+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 19th, 2006. Nintendo releases the Wii game console to compete with the Sony PlayStation 3 and Microsoft Xbox 360. By foregoing raw computing power for increased player interaction, utilizing the innovative motion-sensitive "Wiimote" controller, the Wii defied expectations and became the best selling 7th generation game console. Edwin Kwan: Australia's first cybersecurity coordinator has been recalled to Defence after just four mont...
2023-11-2009 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #275: Edwin Kwan: Popular WordPress Plugin Exposes over 600K to Attacks; Marcel Brown: This Day in Tech History; Katy Craig: EU AI Act; Shannon Lietz: The AI Act; Olimpiu Pop: To Regulate Or Not To Regulate AI in EUFree, ungated access to all 275+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 17th, 1970. Douglas Engelbart receives a U. S. patent for his XY Position Indicator for a display system, more commonly known as the computer mouse. Engelbart called his device a mouse because the cord looked like a tail. Edwin Kwan: A popular WordPress plugin has been discovered to be vulnerable to a high-severity vulnerability. There are currently more than 600...
2023-11-1714 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #274: Edwin Kwan: Cyberattack Threatens Australian Christmas; Ian Garrett: $500k Compensation for the Top 25% of Cybersecurity Professionals; Mark Miller: OpenAI Takes a Run at Startups Investments that Use Their Platform; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 270+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 16, 1982. Steve Jobs writes a letter to Macintosh Labs asking for the rights to use Macintosh as the brand name of Apple's still-in- development computer. Gordon Gao, president of Macintosh Labs, visited Apple headquarters for a product demonstration. However, Macintosh lawyers advised Gao to reject the request.Edwin Kwan: DP World Australia suffered a cyber attack which disrupted its l...
2023-11-1610 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #273: Edwin Kwan: OpenAI Suffered DDOS Attack Resulting in Intermittent Outage; Katy Craig: Citrix Bleed; Hillary Coover: Holiday Shopper Alert: Protect Your Finances from Cyber Grinches!; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 270+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 15, 1996. The first version of ICQ, the Internet's first popular instant messaging program, is released by four high school students from Israel. By the end of 1997, ICQ had more than 5 million users, and in mid-1998, AOL purchased the company for $407 million. Edwin Kwan: Users of OpenAI's API, ChatGPT, and Dall-E services were experiencing intermittent outages. They would see messages from...
2023-11-1510 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #272: Edwin Kwan: Signal Testing Use of Usernames to Keep Phone Number Private; Ian Garrett: Identity-based Security is the New Perimeter; Hillary Coover: Decoding Tomorrow's Defense: The Rise of Deception Technology in Cybersecurity Strategies; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 270+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 14, 1971. NASA's Mariner 9 reaches the planet Mars and becomes the first man-made object to orbit another planet. Edwin Kwan: Signal has started testing the use of account usernames to allow users to keep their phone numbers private. Users would be able to turn off phone number discovery in their privacy settings and only allow the username to be the primary w...
2023-11-1410 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #271: Edwin Kwan: Singapore Marina Bay Sands Suffers Data Breach Impacting 665K Customers; Katy Craig: PHaaS Provider BPL Taken Down; Hillary Coover: Boeing's recent cybersecurity breach; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 270+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 12, 2000. Bill Gates demonstrates a functional prototype of a tablet PC. Microsoft claims the Tablet PC will represent the next major evolution in PC design and functionality. However, the Tablet PC initiative never really takes off, and it isn't until Apple introduced the iPad in 2010 that tablet computing is widely adopted.Edwin Kwan: Marina Bay Sands in Singapore has discl...
2023-11-1309 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #270: Edwin Kwan: WhatsApp Introduces Location Privacy Feature; Hillary Coover: A Shift Towards Empowering Users for Image Authenticity; Olimpiu Pop: And the gold medal for the largest non-payroll goes to…; Val Cole: This Day in Tech HistoryFree, ungated access to all 270+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Val Cole: November 10th, 1983. In 1983, which was 25 years before I was born, Microsoft announced version 1. 0 of Windows. It was the first graphical user interface for IBM compatible PCs.Edwin Kwan: WhatsApp is rolling out a privacy feature that allows users to keep their location private. However, there is a potential trade off. The phone quality might be reduced due to the connectio...
2023-11-1008 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #269: Edwin Kwan: WhatsApp Mods for Android May Contain Spyware; Ian Garrett: Cyber Attackers and Defenders Enter an AI Arms Race; Katy Craig: Russia, Iran, and China: US 2024 Election Meddling Likely; Mark Miller: This Day in Tech HistoryFree, ungated access to all 265+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 9, 1922. Albert Einstein is named the winner of the 1922 nobel Prize for Physics for his explanation of the photoelectric effect. The Nobel Committee passed on several nominations for his many other seminal contributions, although these led to prizes for others who later applied more advanced technology to experimentally verify Einstein's work. Edwin Kwan: Security researchers have discovered modified ver...
2023-11-0911 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #268: Edwin Kwan: Security Assessed Apps Now Receives Badge on Google Play Store; Olimpiu Pop: StarCoder - An Open Source State Of The Art Code LLM; Katy Craig: China’s Global Cyber Power; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 265+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 8, 1895. German physics professor Wilhelm Röntgen stumbles upon what he would later describe as "X-rays" while experimenting with electrical discharge tubes. Curious as to what was causing a faint green glow on a nearby fluorescent screen, Röntgen began systematically studying the unknown rays and published the first paper on the phenomenon less than two months later. Edwin Kwan: Goo...
2023-11-0809 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #267: Edwin Kwan: Okta Suffered Data Breach Impacting Their Employees; Ian Garrett: Rising ransomware attacks drive zero trust adoption; Olimpiu Pop: BigCode A Project With a Mission: Build State Of The Art LLM Coding Models That Are OpenFree, ungated access to all 265+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Edwin Kwan: Okta has suffered yet another data breach, this one affecting their employees' personal information.Ian Garrett: How has ransomware impacted zero-trust adoption? With the rising threat of ransomware attacks, organizations have turned to the adoption of zero-trust and network segmentation strategies to counter these threats Olimpiu Pop: Even though there was always the choice, open-source versus c...
2023-11-0706 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #266: Edwin Kwan: WeChat and Kaspersky Apps Banned on Canadian Government Devices; Hillary Coover: Meta's Privacy Pivot: Upholding Principles or Extortion?; Mark Miller: Just in Time for Día de los Muertos: KandyKorn Malware; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 265+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 5th, 2007. Google introduces the Android platform, it's mobile operating system for cell phones based on a modified version of the Linux operating system. The first Android-based phone would ship in September of 2008. Edwin Kwan: The Canadian government has announced a ban on the use of WeChat and Kaspersky's apps on government-issued mobile devices. The Canadian government banned T...
2023-11-0610 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #265: Edwin Kwan: Who Should Bear the Cost of Invoice Scam?; Marcel Brown: This Day in Tech History; Olimpiu Pop: DORA Metrics - an agile, emotionally safe culture is the way; Shannon Lietz: Security in the DORA Report ; Nathen Harvey: Insights on AI in the DORA ReportFree, ungated access to all 265+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 3rd, 1957. The Soviet Union launches Sputnik the second spacecraft launched into Earth orbit and the first spacecraft to carry a living creature into orbit. Laika, the Siberian Husky dog, unfortunately only survived a few hours into the flight and died from stress and overheating.Edwin Kwan: Who should bear the cost of invoice scam? The victim, the company the...
2023-11-0317 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #264: Edwin Kwan: SEC Charges SolarWinds and CISO for Misleading Investors Before Cyber Attack; Ian Garrett: The World Needs 4 Million More Cybersecurity Professionals; Hillary Coover: Global Alliance Takes a Stand: No More Ransom Payments to Cybercriminals; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 260+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 2nd, 1988. Robert Morris of Cornell University launches a self-replicating worm as part of a research project designed to determine the size of the early internet. Due to a programming error, the "Morris Worm" began repeatedly infecting machines, clogging network traffic, and causing machines to crash. Edwin Kwan: The US Securities and Exchange Commission has announced charges against So...
2023-11-0209 min
It's 5:05! Daily cybersecurity and open source briefingEpisode 263: Edwin Kwan: APT Malware Disguised as Crypto miner Infects One Million Systems; Mark Miller: Surprise, Surprise! SolarWinds Lied. Imagine that.; Hillary Coover: The Paradox of Cybersecurity: Increasing Threats, Decreasing Budgets, and Talent Shortages.; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 235+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: November 1st, 1963. The largest radio telescope ever constructed, the Arecibo Observatory opened in Puerto Rico. It would be used for many major discoveries including the first direct imaging of an asteroid. Hillary Coover: The cybersecurity landscape is experiencing a paradoxical challenge as cyberattacks continue to rise while budgets decrease and companies implement layoffs. A recent survey reveals that nearly h...
2023-11-0110 min
It's 5:05! Daily cybersecurity and open source briefingEpisdoe #262: Edwin Kwan: Casio Data Breach affects over 120,000 customers in 149 countries; Ian Garrett: 6 Types of Supply Chain Attacks (Part 2); Hillary Coover: Keeping Perspective: Why the Social Media Surveillance Revelation Deserves a Thoughtful Look; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 260+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 31st, 2000. Russia launches Soyuz TM-31 carrying the first crew to the International Space Station. Between the 2011 retirement of the space shuttle and the 2020 demo flight of SpaceX Crew Dragon, the Soyuz served as the only means to ferry crew to or from the International Space Station. Edwin Kwan: Casio has suffered a data breach that has affected over 120,0...
2023-10-3109 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #261: Edwin Kwan: Israel-Hamas War Crypto Donation Scams; Hillary coover: Linkedin Chatbot; Mark Miller: Stanford University Breached by Akira Ransomware Group; Mark Miller: This Day in Tech HistoryFree, ungated access to all 260+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today. Mark Miller: October 29, 1969. UCLA student Charley Kline attempts to transmit the text, "login", to a computer at the Stanford Research Institute. After the letters L and O are sent, the system crashes, making the first message ever sent on the internet "lo". Edwin Kwan: Since the Israel-Hamas war, there's been numerous crypto donation scam sites appearing online. Scammers have been capitalizin...
2023-10-3007 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #260: Edwin Kwan: OAuth Implementation Flaw Allowing Account Takeover; Marcel Brown: This Day in Tech History; Katy Craig: HTTP/2 RapidReset Attack; Olimpiu Pop: HTTP/2 RapidReset: Zero-day Vulnerability; Shannon Lietz: RapidReset: How Critical is ItFree, ungated access to all 260+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 28th, 1998. US president Bill Clinton signs into law the Digital Millennium Copyright Act, or DMCA. The law is intended to criminalize production and dissemination of technology designed to circumvent digital copyright protection, known as Digital Rights Management, or DRM.Edwin Kwan: Security researchers discovered critical misconfiguration flaws in the implementation of the Open Authorization or OAuth standard by three p...
2023-10-2716 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #259: Edwin Kwan: 1Password Impacted by Okta Breach; Ian Garrett: 6 Types of Supply Chain Attacks (Part 1); Katy Craig: New Mirai Malware Variant; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 235+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel brown: October 26th, 1861. Only two days after the Transcontinental Telegraph line opened, the Pony Express ceases operation. Prior to the opening of the cross-country telegraph line, the Pony Express was the fastest way to send communication between St. Joseph, Missouri and San Francisco, California.Edwin Kwan: 1Password has confirmed that it was attacked by cybercriminals using session information that was...
2023-10-2609 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #258: Edwin Kwan: South Australian Superannuation Suffers Breach; Hillary Coover: Meta Lawsuits: Your Child's Online Safety is at Risk; Mark Miller: Massive DDoS Attack: 201 Million Requests per Second (RPS); Marcel Brown: This Day in Tech HistoryFree, ungated access to all 235+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 25th, 2001. Microsoft releases the operating system Windows XP, the successor to both Windows 2000 and Windows ME. Edwin Kwan: Super SA, a dedicated superannuation fund for state government employees in South Australia, suffered a data breach. The data loss was through a third-party call center, which Super SA had previously contracted.Hillary Coover: Is your child's online safet...
2023-10-2508 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #257: Edwin Kwan: Okta Breach Exposed Sensitive Customer Data; Katy Craig: Cisco Zero Day is Bad News; Ian Garrett: Will Hackers Who Write Phishing Emails Lose Their Jobs? Marcel Brown: This Day in Tech HistoryFree, ungated access to all 255+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 24th, 1861. Western Union completes the first transcontinental telegraph line across the United States. Not coincidentally, two days later, the Pony Express shut down operations.Edwin Kwan: Okta recently announced that their support case management system suffered a breach and sensitive customer data was stolen. Okta said that all affected customers have been notified, and that if you had not been con...
2023-10-2408 minIt's 5:05! Daily cybersecurity and open source briefingEpisode 256: Edwin Kwan: Fake Browser Updates Delivering Malware; Katy Craig: Countdown to Q Day; Hillary Coover: Cookie Tracking Lawsuit in Netherlands; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 255+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 23, 2001. Using the slogan, 1, 000 songs in your pocket, Steve Jobs introduces the original iPod, featuring a 5GB hard drive, FireWire connectivity, and synchronization to iTunes. Edwin Kwan: Attackers are using cybersecurity best practices against users, prompting them to download malicious browser updates. The attackers start by compromising a legitimate but vulnerable website.Hillary Coover: A Dutch consumer-rig...
2023-10-2310 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #255: Edwin Kwan: Top Password Used By IT Admins is ‘admin’; Hillary Coover: Is X's Anti-Disinformation Tool Backfiring; Shannon Lietz: Is Hashicorp’s Move a Win, Lose, or Draw; Olimpiu Pop: Is Open Source Reaching EOL? Maybe, according to Hashicorp; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 255+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 21st, 1879. Thomas Edison perfects the first commercially practical incandescent light bulb using a filament of carbonized cotton thread. Edison's successful design came only after he had tested over 6, 000 different vegetable fibers. Edwin Kwan: Security researchers have discovered that IT administrators are using weak passwords to protect access to portals, providing easy access to attackers to enterprise networks. An a...
2023-10-2013 minIt's 5:05! Daily cybersecurity and open source briefingEpisode #254: Edwin Kwan: Malicious “Red Alert” App Spying on Israelis; Ian Garrett: 10 Hidden Costs Draining CISO Security Budgets (Part 2); Hillary Coover: Threat Posed by Chinese Espionage and Social Engineering; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 235+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 19th, 1979. According to Dan Bricklin, one of the co-creators of VisiCalc, the first "real" release of VisiCalc was completed and packaged for shipment. VisiCalc was the first commercially available spreadsheet software and quickly became the first killer app of the personal computer market.Edwin Kwan: Malicious version of the Israeli incoming airstrike warning app has been found distributed o...
2023-10-1909 min
It's 5:05! Daily cybersecurity and open source briefingEpisode 253: Edwin Kwan: Over 10,000 Cisco Devices Hacked; Julie Chatman: NSA and CISA: Top ten cybersecurity configuration blunders; Hillary Coover: Safeguarding Nations: The Crucial Role of Satellite Imagery Data; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 235+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 18th, 1985. Nintendo releases the Nintendo Entertainment System in New York and limited other North American markets. An immediate hit, Nintendo released the system nationwide in February of 1986.Julie Chatman: I'm Julie Chatman in Washington DC with a special message for cyber warriors, especially network defenders. The U. S. National Security Agency and the Cybersecurity and Infrastructure Security...
2023-10-1811 minIt's 5:05! Daily cybersecurity and open source briefingEpisode 252: Edwin Kwan: Equifax Ltd fined £11 million for Preventable Cybersecurity Breach; Ian Garrett: 10 Hidden Costs Draining CISO Security Budgets (Part 1); Mark Miller: Follow Up to Atlassian Confluence Level 10 Vulnerability Alert; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 250+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 17, 1990. Colin Needham, an English movie fan, launches the "rec.arts.movies movie database," which would later be known as the Internet Movie Database, or IMDb. An engineer working for HP at the time, by 1996, Needham quit his job to work on IMDb full-time.Edwin Kwan: Equifax has been fined £11 million by Britain's financial watchdog for the 2017 cybersecurity br...
2023-10-1708 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #251: Edwin Kwan: Queensland Introduces Mandatory Data Breach Notification; Mark Miller: Overwhelmed with Cybersecurity Alerts? Yeah, so am I.; Hillary Coover: Government vs Corporate Surveillance: Which is more Intrusive?; Marcel Brown: This Day in Tech HistoryFree, ungated access to all 250+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 16th, 1959. Control Data Corporation releases their CDC 1604 computer, the world's fastest computer at the time, and the first commercially successful fully-transistorized computer. The 1604 was CDC's first computer, primarily designed by engineer Seymour Cray. Mark Miller: All the "recommendations" are saying use strong passwords, train your people, update your software, yadda, yadda, yadda, same ol', same ol'. That's not working...
2023-10-1610 min
It's 5:05! Daily cybersecurity and open source briefingEpisode 249: Edwin Kwan: Vulnerable WordPress Plugin Results in Thousands of Sites Hacked; Ian Garrett: 5 Tips to Take Zero Trust from Buzzword to Implementation; Mark Miller: CISA and FBI: AvosLocker Ransomware (Update); Marcel Brown: This Day in Tech HistoryFree, ungated access to all 245+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 12th, 1988. Hailed by Steve Jobs as a computer five years ahead of its time, NeXT Incorporated introduces their NeXT computer. While not a significant commercial success, the NeXT computer and the technology developed for it have a long and storied history. Edwin Kwan: Thousands of WordPress websites have been compromised by attackers exploiting a vulnerability in a popular p...
2023-10-1209 minIt's 5:05! Daily cybersecurity and open source briefingEpisode 248: Edwin Kwan: D-Link Wi-Fi Device Vulnerable to Command Injection Attack; Katy Craig: Google Goes Passwordless; Hillary Coover: FDA Adapting to AI: Balancing Innovation and Safety; Marcel Brown: This Day, October 11th, in Tech HistoryFree, ungated access to all 245+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: October 11, 1887. Dorr Eugene Felt is granted the second of two patents on his comptometer, the first practical and commercially successful key-driven, mechanical calculator. Various comptometers were in continuous production from 1887 to the mid 1970s.Edwin Kwan: A popular D-Link WiFi range extender device is susceptible to remote command injection, and there is currently no fix available. The researchers r...
2023-10-1108 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #247: Edwin Kwan: Linux Distributions Vulnerable to Looney Tunables; Katy Craig: Hactivists Enter the Middle-East Fray; Ian Garret: Google Helps Drive the End of Passwords; Marcel Brown: This Day in Tech History.Free, ungated access to all 245+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today:Marcel Brown: October 10th, 1980. Namco officially transfers rights to Midway for distribution of the games Pac-Man and Rally-X in North America. While the exact date that Pac-Man started shipping to arcades in North America is currently unknown, most sources cite October of 1980.Edwin Kwan: A new Linux vulnerability, known as the Looney Tunables, impacts most Linux distributions and allows attackers to gain...
2023-10-1008 min
KBKASTEpisode 215 Deep Dive: Edwin Kwan | Navigating the Wild West: Tools and Techniques to Assess the Security and Integrity of Open Source SoftwareIn this episode, we are joined by Edwin Kwan (Head of Application Security and Advisory – Tyro Payments), as he sheds light on the meticulous risk acceptance process and shares his insights on using open source software to build applications swiftly with freely available parts. We explore the challenges of ensuring the security of open source software and the need for due diligence when downloading such software. Edwin raises thought-provoking questions about software verification, maintenance, and security, highlighting the tricky balance between maintaining security protocols and accommodating a wide range of individuals in the workplace.
Stay tuned as we...
2023-10-0642 min
Secured by Galah Cyber with Cole CornfordFrom Code to Cybersecurity: A Deep Dive into Open Source, Encryption, and Leadership with Edwin KwanFormerly a software engineer, today Edwin Kwan is Head of Application Security and Advisory at Tyro Payments. Edwin is also a contributing journalist to the It’s 5:05 Podcast, which highlights cybersecurity and open source software news. Host Cole Cornford chats with Edwin about transitioning from focusing on the nitty gritty challenges of an engineer to the very different challenges of overseeing a team, the importance of due diligence when using open source software, the pros and cons of end to end encryption, and plenty more.Secured by Galah Cyber with Cole Cornford website 2:55 - I...
2023-07-0540 minDayOne.FMFrom Code to Cybersecurity: A Deep Dive into Open Source, Encryption, and Leadership with Edwin KwanFormerly a software engineer, today Edwin Kwan is Head of Application Security and Advisory at Tyro Payments. Edwin is also a contributing journalist to the It’s 5:05 Podcast, which highlights cybersecurity and open source software news. Host Cole Cornford chats with Edwin about transitioning from focusing on the nitty gritty challenges of an engineer to the very different challenges of overseeing a team, the importance of due diligence when using open source software, the pros and cons of end to end encryption, and plenty more.Secured by Galah Cyber with Cole Cornford website 2:55 - I...
2023-07-0540 min
Cloud Security PodcastBuilding an Engineering Security Culture - Failure stories included - Edwin Kwan, Tyro PaymentsIn this episode of the Virtual Coffee with Ashish edition, we spoke with Edwin Kwan, Head of Application and Software Security at Tyro payments.
Host: Ashish Rajan - Twitter @hashishrajan
Guest: Edwin Kwan - Twitter @edkwan
Edwin & Ashish spoke about
What was Edwin’s path into CyberSecurity?
What is AppSec for people who don't know?
What is the difference between Application Security and Software Security?
Is being a developer an advantage going into Application Security?
Is AppSec any different between cloud compared so an application deployed on-premise?
Enabling an engineering security culture - What does th...
2020-06-2144 min
The OWASP Podcast SeriesThreat Modeling - A Disaster Story with Edwin KwanWe continue the "Epic Failures in DevSecOps" series by speaking with Edwin Kwan on his chapter, "Threat Modeling - A Disaster Story". Edwin is Application and Software Security Team Lead at Tyro Payments. In our discussion, we talk about the three things he learned through his "Epic Failure":
-- Demonstrate value at the buy-in
-- Get early feedback
-- Automate as much as possible
During our discussion, we talk at length about the role of security and how to begin implementing automation at the earliest stages of the development process.
About Edwin Kwan
Edwin Kwan is the Application and Software...
2018-12-1818 min