Showing episodes and shows of
Joff Thyer
Shows
AI Security Ops
AI News | Episode 39
AI News | Episode 39. In this episode of AI Security Ops, we break down the latest developments in AI-driven threats, identity chaos caused by autonomous agents, NIST’s focus on securing AI in critical infrastructure, and new visibility tooling for AI exposure. We cover real-world abuse of LLMs for phishing, how AI agents are colliding with IAM governance, and what defenders should be watching right now. Chapters: 00:00 – Introduction and Sponsors: Black Hills Information Security - https://www.blackhillsinfosec.com/ Antisyphon Training - https://www.antisyphontraining.com/ 01:08 – LLM-Generated Phishing JavaScript (Unit 4...
2026-02-12
18 min
AI Security Ops
Questions From the Community | Episode 38
Click here to watch this episode on YouTube. Creators & Guests: Brian Fehrman - Host, Joff Thyer - Host, Derek Banks - Host. Brought to you by: Black Hills Information Security https://www.blackhillsinfosec.com Antisyphon Training https://www.antisyphontraining.com/ Active Countermeasures https://www.activecountermeasures.com Wild West Hackin Fest https://wildwesthackinfest.com 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.com Click here...
2026-02-05
16 min
The CyberCall Podcast
John Strand & the BHIS Team at RoB26
Today’s conversation is all about how MSPs actually win in the modern threat landscape — before, during, and after an attack. We’re joined by three practitioners who will each be leading hands-on workshops at Right of Boom 2026. John Strand will take us inside Cloud Forever Days and intro to pen testing, showing how attackers really move through cloud environments. Joff Thyer will break down how MSPs can use AI automation to scale security operations without scaling chaos. And Patterson Cake will walk us through what incident response should look like when things stop being theoretical and start...
2026-01-14
1h 02
AI Security Ops
2026 Predictions | Episode 35
AI Security Ops | Episode 35 – 2026 Predictions. In this episode, the BHIS panel looks into the crystal ball and shares bold predictions for AI in 2026—from energy constraints and drug development breakthroughs to agentic AI risks and cybersecurity threats. Chapters: (00:00) - Intro & Sponsor Shoutouts (01:14) - Prediction: Grid Power Becomes the Bottleneck (10:27) - Prediction: FDA Qualifies AI Drug Development Tools (15:45) - Prediction: Nation-State Threat Actors Weaponize AI (17:33) - Prediction: Agentic AI Dominates App Development (23:07) - Closing Thoughts: Jobs, Risk & Opportunity 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com...
2026-01-08
24 min
AI Security Ops
AI Security Ops - Why Did We Create This Podcast? | Podcast Trailer
Join the 5,000+ cybersecurity professionals on our BHIS Discord server to ask questions and share your knowledge about AI Security. https://discord.gg/bhis AI Security Ops | Episode 34 – Why Did We Create This Podcast? In this episode, the BHIS team explains the purpose behind AI Security Ops, what you can expect from future episodes, and why this show matters for anyone at the intersection of AI and cybersecurity. Chapters: (00:00) - Intro & Welcome (00:13) - Why We Started AI Security Ops (00:41) - Our Mission: Stay Informed & Ahead (00:56) - What We Cover: AI News & Insights (01:23...
2025-12-24
03 min
AI Security Ops
Community Q&A on AI Security | Episode 34
Community Q&A on AI Security | Episode 34. In this episode of BHIS Presents: AI Security Ops, our panel tackles real questions from the community about AI, hallucinations, privacy, and practical use cases. From limiting model hallucinations to understanding memory features and explaining AI to non-technical audiences, we dive into the nuances of large language models and their role in cybersecurity. We break down: - Why LLMs sometimes “make stuff up” and how to reduce hallucinations - The role of prompts, temperature, and RAG databases in accuracy - Prompting best practices and reasoning modes for better results - Legal liability: Can you sue...
2025-12-19
28 min
AI Security Ops
AI News Stories | Episode 33
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com AI News | Episode 33. In this episode of BHIS Presents: AI Security Ops, the panel dives into the latest developments shaping the AI security landscape. From the first documented AI-orchestrated cyber-espionage campaign to polymorphic malware powered by Gemini, we explore how agentic AI, insecure infrastructure, and old-school mistakes are creating a fragile new attack surface. We break down: - AI-driven cyber espionage: Anthropic disrupts a state-sponsored campaign using autonomous - Black-hat LLMs: KawaiiGPT democratizes offensive capabilities for script kiddies. - Critical RCEs in AI s...
2025-12-11
37 min
AI Security Ops
Model Evasion Attacks | Episode 32
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Model Evasion Attacks | Episode 32. In this episode of BHIS Presents: AI Security Ops, the panel explores the stealthy world of model evasion attacks, where adversaries manipulate inputs to trick AI classifiers into misclassifying malicious activity as benign. From image classifiers to malware detection and even LLM-based systems, learn how attackers exploit decision boundaries and why this matters for cybersecurity. We break down: - What model evasion attacks are and how they differ from data poisoning - How attackers tweak features to byp...
2025-12-04
28 min
AI Security Ops
Data Poisoning | Episode 31
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Data Poisoning Attacks | Episode 31. In this episode of BHIS Presents: AI Security Ops, the panel dives into the hidden danger of data poisoning – where attackers corrupt the data that trains your AI models, leading to unpredictable and often harmful behavior. From classifiers to LLMs, discover why poisoned data can undermine security, accuracy, and trust in AI systems. We break down: - What data poisoning is and why it matters - How attackers inject malicious samples or flip labels in training sets - The role of open-sou...
2025-11-27
31 min
AI Security Ops
AI News Stories | Episode 30
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com AI News Stories | Episode 30. In this episode of BHIS Presents: AI Security Ops, we break down the top AI cybersecurity news and trends from November 2025. Our panel covers rising public awareness of AI, the security risks of local LLMs, emerging AI-driven threats, and what these developments mean for security teams. Whether you work in cybersecurity, AI security, or incident response, this episode helps you stay ahead of evolving AI-powered attacks and defenses. Topics Covered: - Only 5% of Americans are un...
2025-11-20
37 min
AI Security Ops
A Conversation with Dr. Colin Shea-Blymyer | Episode 29
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com A Conversation with Dr. Colin Shea-Blymyer | Episode 29. In this episode of BHIS Presents: AI Security Ops, the panel welcomes Dr. Colin Shea-Blymyer for a deep dive into the intersection of AI governance, cybersecurity, and red teaming. From the historical roots of neural networks to today’s regulatory patchwork, we explore how policy, security, and innovation collide in the age of AI. Expect candid insights on emerging risks, open models, and why defining your risk appetite matters more than ever. Topics Covered: - AI gove...
2025-11-13
46 min
AI Security Ops
Questions from the Community | Episode 28
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com AI News Stories | Episode 28 – Questions from the Community. In this episode of BHIS Presents: AI Security Ops, the panel tackles real questions from the community, diving deep into the practical, ethical, and technical challenges of AI in cybersecurity. From red teaming tools to prompt privacy, this Q&A session delivers candid insights and actionable advice for professionals navigating the AI-infused threat landscape. 🧠 Topics Covered: - Open-source tools for LLM red teaming - Threat modeling AI systems (STRIDE methodology) - Hallucination rates in frontier vs. local model...
2025-11-06
28 min
AI Security Ops
Azure AI Foundry Guardrails | Episode 27
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Azure AI Foundry Guardrails | Episode 27. In this episode of BHIS Presents: AI Security Ops, we explore how to configure content filters for AI models using the Azure AI Foundry guardrails and controls interface. Whether you're building secure demos or deploying models in production, this walkthrough shows how to block unwanted content, enforce policy, and maintain compliance. Topics Covered: - Changing default filters for demo compliance - Setting up a system prompt and understanding its role - Adding regex terms to block specific content - C...
2025-10-30
15 min
AI Security Ops
Questions from the Community | Episode 26
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Questions from the Community | Episode 26. In this community-driven episode of BHIS Presents: AI Security Ops, the panel answers real questions from viewers about AI security, privacy, and risk. Featuring Brian Fehrman, Bronwen Aker, Jack Verrier, and Joff Thyer, the team dives into everything from guardrails and hallucinations to GDPR, agentic AI, and how to stay safe in an AI-saturated world. 💬 Topics include: - Are guardrails enough to protect sensitive prompts? - What’s the difference between hallucination and confabulation? - How does AI int...
2025-10-23
37 min
AI Security Ops
AI News Stories | Episode 25
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com AI News Stories | Episode 25. In this episode of BHIS Presents: AI Security Ops, the panel dives into the biggest AI cybersecurity headlines from late September 2025. From government regulation to zero-click exploits, we unpack the risks, trends, and implications for security professionals navigating the AI-powered future. 🧠 Topics Covered: - Government oversight of advanced AI systems - Accenture’s massive layoffs amid AI pivot - ShadowLeak: zero-click vulnerability in ChatGPT agents - Malicious MCP server stealing emails - AI in the SOC: benefits and risks - Attackers using AI to scale ransomware and social engi...
2025-10-16
31 min
AI Security Ops
Model Extraction Attacks | Episode 24
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Model Extraction Attacks | Episode 24. In this solo episode of BHIS Presents: AI Security Ops, Brian Fehrman explores the stealthy world of Model Extraction Attacks—where hackers clone your AI model without ever touching your code. Learn how adversaries can reverse-engineer your multimillion-dollar model simply by querying its API, and why this threat is more than just academic. We break down: - What model extraction is and how it works - Real-world examples like DeepSeek’s alleged distillation of OpenAI...
2025-10-11
19 min
AI Security Ops
News of the Month | Episode 23
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com In this episode of AI Security Ops, Brian Fehrman and Joff Thyer dive into the latest AI news of the month, exploring how rapidly evolving technologies are reshaping cybersecurity. Topics covered include: - How AI is changing cybersecurity monitoring - Expanding from email to Slack, Teams, and other chat platforms - Addressing insider threats and phishing campaigns in new channels - The rapid pace of AI innovation and industry trends - Why organizations should prioritize AI security...
2025-10-02
34 min
AI Security Ops
Insider Threat 2.0 - Prompt Leaks & Shadow AI | Episode 22
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Insider Threat 2.0 - Prompt Leaks & Shadow AI | Episode 22. In this episode of BHIS Presents AI Security Ops, we dive into Insider Threat 2.0: Prompt Leaks & Shadow AI. The panel explores the hidden risks of employees pasting sensitive data into public AI tools, the rise of unauthorized “Shadow AI” in organizations, and how policies—or lack thereof—can expose critical information. Learn why free AI services often make you the product, how prompt history creates data leakage risks, and why companies must establish clear...
2025-09-25
25 min
AI Security Ops
Deepfakes and Fraudulent Interviews In Remote Hiring | Episode 21
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Episode 21 - Deepfakes And Fraudulent Interviews In Remote Hiring. In this episode of AI Security Ops by Black Hills Information Security, the crew explores the alarming rise of deepfakes and fraudulent interviews in remote hiring. As virtual work expands, cybercriminals are using AI-driven impersonation tactics to pose as job candidates, deceive recruiters, and gain unauthorized access to organizations. Joff, Bronwen Aker, Brian Fehrman, and Derek Banks break down real-world cases, explain the challenges of spotting deepfake job scams...
2025-09-18
28 min
AI Security Ops
The Hallucination Problem | Episode 20
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Episode 20 - The Hallucination Problem. In this episode of AI Security Ops, Joff Thyer and Brian Fehrman from Black Hills Information Security dive into the hallucination problem in AI large language models and generative AI. They explain what hallucinations are, why they happen, and the risks they create in real-world AI deployments. The discussion covers security implications, practical examples, and strategies organizations can use to mitigate these issues through stronger design, monitoring, and tes...
2025-09-11
26 min
AI Security Ops
Malware in the Age of AI | EP 18
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Malware in the Age of AI | Episode 18. In Episode 18, hosts Joff Thyer, Derek Banks and Brian Fehrman discuss the rise of AI-powered malware. From polymorphic keyloggers like Black Mamba to the use of ChatGPT, WormGPT, and fine-tuned LLMs for cyberattacks, the team will explain how generative AI is reshaping the security landscape. They'll break down the real risks vs. hype, including prompt injection, jailbreaking, deepfakes, and AI-driven fraud, while also sharing strategies defenders can use to fight back. The di...
2025-08-28
32 min
AI Security Ops
Community Q&A | Episode 17
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Community Q&A | Episode 17. In episode 17 of the AI Security Ops Podcast, hosts Joff Thyer, Derek Banks, Brian Fehrman and Bronwen Aker answer viewer-submitted questions about system prompts, prompt injection risks, AI hallucinations, deep fakes, and when (and when not) to use AI in cybersecurity. They'll discuss the difference between system and user prompts, how temperature settings impact LLM outputs, and the biggest mistakes companies make when deploying AI models. They'll also explain how to reduce hallucinations, and approach AI resp...
2025-08-21
37 min
AI Security Ops
A Conversation with Daniel Miessler | Episode 16
A Conversation with Daniel Miessler. In Episode 16, Joff and the team welcome human-centric AI innovator Daniel Miessler, creator of Fabric, an AI framework for solving real-world problems from a human perspective. The conversation covers AI’s role in cybersecurity, the importance of clarity in “intent engineering” over prompt tricks, and the risks and opportunities of deploying large language models. They explore the shift from “vibe coding” to “spec coding,” the rise of AI scaffolding over raw model improvements, and what AI advancements including GPT-5 mean for the future of knowledge work. "Introducing Fabric — A Hum...
2025-08-14
44 min
AI Security Ops
News of the Month – Episode 15
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com In this episode, we'll discuss Palo Alto Networks’ acquisition of Protect AI, the rise of “Shadow AI” in enterprises, alarming AI-driven data leaks, and vibe coding gone wrong. We'll dive into critical issues like AI hallucinations and the growing need for "human in the loop" oversight. We'll wrap up with a discussion of Proton’s Lumo AI chatbot, disappearing medical disclaimers in AI chatbots and data poisoning in Amazon's AI coding agent. #AI #Cybersecurity #LLM #AInews #AISecurityOps #BlackHillsInfo...
2025-08-07
39 min
AI Security Ops
Questions From The Community podcast – Episode 14
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com In Episode 14 of the AI Security Ops Podcast, hosts Joff Thyer, Derek Banks, and Brian Fehrman answer questions submitted by viewers. The team will cover how effective prompt engineering can transform LLMs into workflow accelerators, and debate AI tool strengths: when to use Claude, ChatGPT, or Notebook LM. They'll discuss the importance of human oversight when integrating AI into operations, highlighting the "human-in-the-loop" concept and include ways to explain AI to non-technical audiences. #AI #promptengineering #CyberSecurity #Automatio...
2025-07-31
38 min
AI Security Ops
Augmenting Red Teaming with AI- Episode 13
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Augmenting Red Teaming with AI | Episode 13. In Episode 13 of the AI Security Ops Podcast, hosts Joff Thyer, Derek Banks, and Brian Fehrman dive into the exciting world of Agentic AI in Red Teaming. Discover how augmenting red teams with AI-driven tools helps automate penetration testing, tackle low-hanging fruit vulnerabilities, and provide comprehensive security coverage. The team discusses the importance of prompt engineering, maintaining human oversight, and navigating potential risks, including unintended actions by auton...
2025-07-24
30 min
AI Security Ops
Global AI Laws and the Impact of GDPR – Episode 12
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Regulating the Machine: Global AI Laws and the Impact of GDPR | Episode 12. In Episode 12 the hosts discuss the complexities of regulating artificial intelligence (AI) technology across the globe. Highlighting the rapid advancement of AI and its challenges for lawmakers, the episode explores how the GDPR framework in the European Union provides clear guidelines addressing AI-related issues like data privacy, consent, and accountability. The discussion also contrasts the European regulatory-first approach with the U.S.'s...
2025-07-17
26 min
AI Security Ops
Agentic AI Threats, challenges, and Defenses | Episode 10
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Explore the rising security risks and challenges associated with agentic AI in Episode 10 of AI Security Ops. Join cybersecurity experts Joff Thyer, Bronwen Aker, Derek Banks, and Brian Fehrman as they unpack the complexities of AI gaining autonomy and agency. This episode covers key topics such as defining agentic AI, real-world vulnerabilities like prompt injection, potential implications for cybersecurity, and effective mitigation strategies like implementing guardrails and maintaining granular logging. Valuable information for cybersecurity professionals, AI developers, and anyone interested in the future...
2025-07-03
37 min
AI Security Ops
AI Model Usage and Comparisons – Episode 9
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Episode 9 of AI Security Ops! AI Model Usage and Comparisons. In this exciting episode, we explore practical uses and comparisons of popular AI models including OpenAI, Claude, Gemini, and Copilot. Join our expert panelists as they discuss personal workflows, share experiences with AI-driven coding and text processing, and examine strengths and weaknesses of these powerful technologies. Discover insights into the exponential growth of AI capabilities, the emerging specialization of models, and practical advi...
2025-06-26
14 min
AI Security Ops
AEO vs SEO | Episode 8
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com AEO vs SEO | Episode 8. Explore how Artificial Intelligence (AI) is revolutionizing online search in this insightful episode of the AI Security Ops Podcast. Learn about Search Engine Optimization (SEO) versus Answer Engine Optimization (AEO), and understand the shift from link-based results to rich, AI-driven answers. Discover the security challenges and ethical implications surrounding the use of AI in search engines, including risks like misinformation, deepfakes, and data privacy concerns. Gain practical insights on how c...
2025-06-19
30 min
AI Security Ops
R.A.G. [Retrieval Augmented Generation] – Episode 7
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com R.A.G. (Retrieval Augmented Generation) is a powerful technique for enhancing Large Language Model (LLM) outputs with real-time, external data. RAG bridges the gap between static model knowledge and dynamic, context-aware responses. Join hosts Brian Fehrman, Derek Banks, Bronwen Aker, and Ben Bowman as they break down how RAG improves the reliability and relevance of generative AI systems. You’ll learn why context retrieval matters, what problems RAG solves, and where it fits into modern AI security practices.
2025-06-12
26 min
AI Security Ops
LLM Guardrails | Episode 6
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Episode 6: LLM Guardrails. We dive deep into the evolving world of LLM guardrails. We explore why guardrails are essential for securing large language models, the challenges of implementing them effectively, and how current approaches often resemble the patchwork fixes of early InfoSec days. From input/output filtering and prompt injection defenses to the emerging trend of LLMs guarding other LLMs, we analyze real-world assessments, highlight security pitfalls, and discuss the need for layered...
2025-06-05
22 min
AI Security Ops
Harmful Content | Episode 5
ChatGPT-created summary, because of course we're gonna use A.I. on our A.I. podcast: In this episode of the AI Security Ops podcast, the panel discusses the challenges and risks of harmful content generated by AI, particularly focusing on generative models like GPT. They explore how powerful prompt engineering can lead to the creation of misleading or dangerous outputs, and highlight the importance of detection methods, ethical oversight, and regulatory standards. The conversation emphasizes the need for responsible use of AI, stressing that while these models are incredibly capable, safeguards and human...
2025-05-22
36 min
AI Security Ops
AI Deepfakes
Welcome to another thought-provoking episode of AI Security Ops, hosted by Joff Thyer alongside Brian Fehrman and Derek Banks. In this episode, we dive deep into one of the most alarming developments in artificial intelligence—AI-generated deepfakes. 🔍 What We Cover: - What deepfakes are and how they’re created using generative adversarial networks (GANs) and diffusion models - Real-world deepfake incidents, including multimillion-dollar fraud - The growing accessibility of deepfake tools and the implications for social engineering - Detection and mitigation strategies: How to spot a deepfake and protect yourself or your organization - Ethical and legal challenges in legislating deepfake technology - Best practices for experimenting respons...
2025-04-28
29 min
AI Security Ops
Introduction to Prompt Injection
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Welcome to Episode 2 of AI Security Ops! In this episode, Joff Thyer, Derek Banks, Brian Fehrman, and Ben "The Heretic" Bowman take a deep dive into Prompt Injection — one of the most fascinating and misunderstood attack techniques in the AI space. We break down: 🛠️ What large language models (LLMs) are and how they work 💣 What prompt injection is, and why it matters for AI security 🎭 How attackers manipulate system prompts and personas 🔐 The difference between prompt injection and jailbreaking 👩💻...
2025-04-23
23 min
AI Security Ops
Why is AI Security Important?
Welcome to the first episode of AI Security Ops! This week, join Brian Fehrman, Derek Banks, and Joff Thyer as they dive into why AI security matters more than ever. From how large language models work to the risks of prompt injection, jailbreaking, and AI-powered social engineering, this episode unpacks the challenges and opportunities at the intersection of AI and cybersecurity.
2025-04-17
47 min
Talkin' Bout [Infosec] News
Webcast: Shellcode Execution with GoLang
In this Black Hills Information Security (BHIS) webcast, we explore using GoLang to author malware with embedded shellcode. GoLang is a Google-authored modern successor language to C/C++. It is multi-platform, high performance, multi-threaded, and unlike C/C++ includes garbage collection! It has the advantage of compiling to native machine code, unlike .NET C# which is dependent on the common language runtime, and easily reversible. We explore how to execute Windows shellcode with GoLang in the same process thread space, and then also explore one process injection method. If you are a penetration tester looking to expand your malware authoring...
2021-09-28
1h 03
Paul's Security Weekly (Video)
DOOM Exploit, iPhone Deep Fakes, & 11 0-Days Infect Devices - PSW #688
This week in the Security News: Doom exploit wins an award, a puzzle honors Alan Turing, anyone can create a deepfake, Jabber bugs, unquoted service paths, Nim malware, Deadly sins of secure coding, & are we living in the toughest time of Cybersecurity? Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw688
2021-03-26
1h 32
Paul's Security Weekly (Audio)
You Want More Budweiser? - PSW #688
This week, Mehul Revankar VP Product Management and Engineering at Qualys discusses How to Tame Your Vulnerability Overload. Sven Morgenroth, Security Researcher at Netsparker talks about the dangers of Open Redirects! In the Security News Doom exploit wins an award, a puzzle honors Alan Turing, anyone can create a deepfake, Jabber bugs, unquoted service paths, Nim malware, Deadly sins of secure coding, & are we living in the toughest time of Cybersecurity? Show Notes: https://securityweekly.com/psw688 Sven's Slide Deck - Open Redirects: https://securityweekly.com/wp-content/uploads/2021/03/Netsparker-Sven-Morgenroth-3-25-21-Open-Redirect.pdf
2021-03-26
3h 18
Paul's Security Weekly (Video)
Security Grades, Mirai, Quantum Cryptography, & Hacking "Beer" - PSW #687
In the Security News, if software got a security grade, most would get an F, SolarWinds hackers got some source code, new old bugs in the Linux kernel, hack stuff and get blown up, stop hacking "beer", weekly Chrome zero day, Mirai lives, long live Mirai, how attackers could intercept your text messages, and rigging the election, the Homecoming Queen election that is. Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class Visit https://www.securityweekly.com/ps...
2021-03-19
1h 49
Paul's Security Weekly (Audio)
Don't Waste Bourbon - PSW #687
This week, we welcome Dan Decloss, Founder and CEO at Plextrac, who joins us to talk about getting the real work done: The case studies. In the Security News, if software got a security grade, most would get an F, SolarWinds hackers got some source code, new old bugs in the Linux kernel, hack stuff and get blown up, stop hacking airquotes beer, weekly Chrome zero day, Mirai lives, long live Mirai, how attackers could intercept your text messages, and rigging the election, the Homecoming Queen election that is. We round out the show with a special segment from our...
2021-03-19
3h 19
Talkin' Bout [Infosec] News
Webcast: Sacred Cash Cow Tipping 2021
It is another year for the Sacred Cash Cow Tipping Webcast. For those of you who are new to our email list within the past year, this is a webcast where we cover the various tools and techniques that Black Hills Information Security (BHIS) uses to bypass endpoint security protections. The point of this webcast is not so much to teach people how to bypass these products, but rather to show that they can be bypassed. Hopefully, this leads to some conversations about defense-in-depth and how many vendors exaggerate their capabilities. We also discuss how simply writing signatures for specific st...
2021-03-10
1h 29
Security Weekly News (Audio)
Krebs Fired at CISA, 'Stone Panda', & DNS Is Not Your Friend - Wrap Up - SWN #84
This week, Dr. Doug talks about IoT Legislature, Krebs is fired, DNS, Joff Thyer, Clearview, Cicada, and Funny Dream as well as the show Wrap Ups! Show Notes: https://securityweekly.com/swn84 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
2020-11-20
24 min
Security Weekly News (Video)
Krebs Fired at CISA, DNS Is Not Your Friend, & 'Stone Panda' - Wrap Up - SWN #84
This week, Dr. Doug talks about IoT Legislature, Krebs is fired, DNS, Joff Thyer, Clearview, Cicada, and Funny Dream as well as the show Wrap Ups! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn84
2020-11-20
24 min
Paul's Security Weekly (Audio)
Don't Touch My XP Dongle - PSW #657
This week, we welcome our very own Joff Thyer, Security Analyst at Black Hills Information Security, to deliver a Technical Segment on IPv6 Tunneling! In our second segment, we welcome Terry Dunlap, Co-Founder at ReFirm Labs, to talk about IoT Security! In the Security News, Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment, Cisco Talos discloses technical details of Chrome and Firefox flaws, Palo Alto Networks Patches Command Injection Vulnerabilities in PAN-OS, Zoom zero-day flaw allows code execution on victim's Windows machine, and how the Trump administration is looking into a ban on TikTok and other Chinese apps!
2020-07-11
3h 07
Paul's Security Weekly (Video)
IPv6 Tunneling - Joff Thyer - PSW #657
In this technical demo, Joff will show how you can bring up an IPv6 tunnel to learn and play with IPv6 connectivity and basic concepts. This tech segment will largely be a demo on a Debian based Linux system to show you how you might get started with IPv6. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode657
2020-07-10
1h 02
Talkin' Bout [Infosec] News
Webcast: IPv6: How to Securely Start Deploying
Joff Thyer has dove into everything that is IPv6 and has so much to share about it. He gets really technical but in a way you’ll be able to understand. Google reports that over 30% of their systems access comes via the IPv6 protocol coming into 2020. Many Internet Service Providers have no remaining choice but to deploy IPv6 for simple lack of v4 address resources. The global Internet can already be thought of as balkanized into a split IPv4/IPv6 world based on historical v4 allocation. There will soon come a time whereby accessing IPv4 deployed resources will be considered le...
2020-06-24
59 min
Informational Archives - Black Hills Information Security, Inc.
Webcast: IPv6: How to Securely Start Deploying
Joff Thyer has dove into everything that is IPv6 and has so much to share about it. He gets really technical but in a way you’ll be able to understand. […]
2020-06-24
59 min
Enterprise Security Weekly (Video)
SOAR, Cody Cornell - Enterprise Security Weekly #127
Cody Cornell is the CEO of Swimlane. Matt Alderman and Joff Thyer interview Cody, to discuss Security Orchestration, Automation, and Response! Full Show Notes: https://wiki.securityweekly.com/ES_Episode127 Visit http://securityweekly.com/esw for all the latest episodes!
2019-02-22
30 min
Paul's Security Weekly
The World Traveler - Application Security Weekly #50
This week, Paul is joined by Joff Thyer to interview Tim Eades, CEO of vArmour, to talk about basic flow of problem, solution, and value! In the Application Security News, many popular iPhone apps secretly record your screen without asking, MongoDB databases still being held for ransom, most of the Fortune 100 still use flawed software that led to the Equifax breach, and a Chrome extension with millions of users is now serving popup ads! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode50 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit our website: https://www.securityweekly.co...
2019-02-13
57 min
Application Security Weekly (Audio)
The World Traveler - Application Security Weekly #50
This week, Paul is joined by Joff Thyer to interview Tim Eades, CEO of vArmour, to talk about basic flow of problem, solution, and value! In the Application Security News, many popular iPhone apps secretly record your screen without asking, MongoDB databases still being held for ransom, most of the Fortune 100 still use flawed software that led to the Equifax breach, and a Chrome extension with millions of users is now serving popup ads! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode50 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit our website: https://www.securityweekly.co...
2019-02-13
57 min
Paul's Security Weekly
Hellfire Dong Slinger - Paul's Security Weekly #590
This week, we welcome Dr. Eric Cole, the Founder and CEO of Secure Anchor Consulting for an interview! In the Technical segment, our very own Joff Thyer will be demonstrating some syntax with PowerShell useful for transferring data into a network while pen testing! In the Security News, two code execution flaws patched in Drupal, 773 million records exposed in massive data breach, prices for Zero-Day Exploits are rising, new attacks target recent PHP Framework Vulnerability, Microsoft launches a new Azure DevOps Bug Bounty program, and more! Full Show Notes: https://wiki.securityweekly.com/Episode590 Visit https://www.securityweekly.com/psw f...
2019-01-19
2h 46
Paul's Security Weekly (Audio)
Hellfire Dong Slinger - Paul's Security Weekly #590
This week, we welcome Dr. Eric Cole, the Founder and CEO of Secure Anchor Consulting for an interview! In the Technical segment, our very own Joff Thyer will be demonstrating some syntax with PowerShell useful for transferring data into a network while pen testing! In the Security News, two code execution flaws patched in Drupal, 773 million records exposed in massive data breach, prices for Zero-Day Exploits are rising, new attacks target recent PHP Framework Vulnerability, Microsoft launches a new Azure DevOps Bug Bounty program, and more! Full Show Notes: https://wiki.securityweekly.com/Episode590
2019-01-19
2h 46
Paul's Security Weekly
The Land Down Under - Enterprise Security Weekly #110
This week, in the Enterprise News, Paul is joined by Joff Thyer to discuss WhiteHat Security's single page application scanning, Palo Alto Networks acquires RedLock to build out Cloud Security, KnowBe4 boosts security awareness training, Symantec brings workload assurance security to the cloud, and Splunk unveils first IoT platform for Customers! In our final segment, we air a Pre Recorded interview from Microsoft Ignite with Secure Digital Life host Doug White and CTO of Microsoft, Mark Russinovich! Full Show Notes: https://wiki.securityweekly.com/ES_Episode110 Visit https://www.securityweekly.com/esw for all the latest episodes! Visit https://www.act...
2018-10-12
1h 05
Enterprise Security Weekly (Audio)
The Land Down Under - Enterprise Security Weekly #110
This week, in the Enterprise News, Paul is joined by Joff Thyer to discuss WhiteHat Security's single page application scanning, Palo Alto Networks acquires RedLock to build out Cloud Security, KnowBe4 boosts security awareness training, Symantec brings workload assurance security to the cloud, and Splunk unveils first IoT platform for Customers! In our final segment, we air a Pre Recorded interview from Microsoft Ignite with Secure Digital Life host Doug White and CTO of Microsoft, Mark Russinovich! Full Show Notes: https://wiki.securityweekly.com/ES_Episode110 Visit https://www.securityweekly.com/es...
2018-10-12
1h 05
Enterprise Security Weekly (Audio)
Hakuna Matata - Enterprise Security Weekly #98
This week, Paul interviews Ferruh Mavituna, Founder of Netsparker! In the Technical Segment, CISO from Automox Joe McManus joins Paul! Paul and Security Weekly's own Joff Thyer will then wrap up with the Enterprise News to give updates on AT&T, SolarWinds, Mimecast, and more on this episode of Enterprise Security Weekly! Full Show Notes: https://wiki.securityweekly.com/ES_Episode98 Visit https://www.securityweekly.com/esw for all the latest episodes! Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hun...
2018-07-12
1h 29
Paul's Security Weekly (Video)
Fun with Android APK's, Joff Thyer - Paul's Security Weekly #566
Ever wonder how to get started pen testing Android Apps? This tech segment will demonstrate a few basic techniques and tools to give you a taste of mobile app assessments with the Android platform. Full Show Notes: https://wiki.securityweekly.com/Episode566 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly
2018-07-02
38 min
Paul's Security Weekly
Versace On The Floor - Paul's Security Weekly #566
This week, Paul interviews Tom Brennan, Founder of Proactive Risk, and Gary Berman, CEO of Cyberman Security! Our very own Joff Thyer delivers the Technical Segment this week entitled "Fun with Android APK's"! Paul and the crew will then wrap up the show with the Security News, and more on this episode of Paul’s Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode566 Visit https://www.securityweekly.com/psw for all the latest episodes! →Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!! →Follow us on Twitter: https://www.twitter.com/security...
2018-06-30
2h 17
Paul's Security Weekly (Audio)
Versace On The Floor - Paul's Security Weekly #566
This week, Paul interviews Tom Brennan, Founder of Proactive Risk, and Gary Berman, CEO of Cyberman Security! Our very own Joff Thyer delivers the Technical Segment this week entitled "Fun with Android APK's"! Paul and the crew will then wrap up the show with the Security News, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode566 Visit https://www.securityweekly.com/psw for all the latest episodes! →Visit https://www.activecountermeasures/psw to sign up for a demo or buy...
2018-06-30
2h 17
Paul's Security Weekly (Audio)
Better In Half Speed - Paul's Security Weekly #555
This week, Ron Gula of Gula Tech Adventures joins us for an interview! Our very own Joff Thyer delivers the Technical Segment entitled: Got Privs? Extract and Crack the Creds! In the news, RTF bug finally gets patched, so many ways to bridge an air gap, attacking accountants, spoofing all the ports and Trollcave, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode555 Visit https://www.securityweekly.com/psw for all the latest episodes!
2018-04-14
2h 29
Paul's Security Weekly
Better In Half Speed - Paul's Security Weekly #555
This week, Ron Gula of Gula Tech Adventures joins us for an interview! Our very own Joff Thyer delivers the Technical Segment entitled: Got Privs? Extract and Crack the Creds! In the news, RTF bug finally gets patched, so many ways to bridge an air gap, attacking accountants, spoofing all the ports and Trollcave, and more on this episode of Paul’s Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode555 Visit https://www.securityweekly.com/psw for all the latest episodes!
2018-04-14
2h 29
Paul's Security Weekly (Audio)
Paul's Security Weekly #471 - "Bash vs Python"
infosec, information security, hacking, hacker, security, network security, data, ethical hacking, paul asadoorian, security weekly, pauldotcom, jack daniel, larry pesce, joff thyer, malware, ransomware, IT, podcast, security podcast
2016-07-01
2h 05