Episode 909 - Tesla New Hire Allegedly Takes Thousands Of Proprietary Files, Gets Fired And Sued
Security In Five Podcast
This episode talks about a situation at Telsa that led to a new employee's termination and Tesla suing them in court. Reflecting on lessons learned about onboarding, least privilege and use of personal services in a corporate environment.
info_outline
Episode 908 - Tools, Tips and Tricks - Azure AD Investigator
Security In Five Podcast
This week's tools, tips and tricks covers Azure AD Investigator. FireEye Mandiant released this tool as open source in response to the SolarWinds.
info_outline
Episode 907 - 2020 Saw A Large Increase Of CVE Reported, I Speculate To Why
Security In Five Podcast
Last year, 2020, we saw an increase of Common Vulnerabilities and Exposures (CVEs) reported from 2019. What's interesting is the time of the year that most were reported. This episode talks about why that could have been.
info_outline
Episode 906 - If You Are Involved In A Breach, Do Not Post About It
Security In Five Podcast
Eventually, you will be part of a breach. You will get a letter from your clinic or an email from a website you use that your credentials were compromised. This episode talks about what you shouldn't do if you get one of the see notices and why it could make things worse.
info_outline
Episode 905 - People Still Use Fax Machines, Here Are The Security Risks With Them
Security In Five Podcast
Believe it or not businesses still use fax machines to transmit data. This episode talks about the security gaps you have to be aware of if you use fax machines.
info_outline
Episode 904 - Opening Up Security In Five Website To Guest Posting
Security In Five Podcast
This podcast has a supporting blog at SecurityInFive.com. The blog is where you can find every single podcast episode as well as the content I have written over the years. This episode details how between now and June 30, 2021 I am opening the blog to guests posts at no cost to you.
info_outline
Episode 903 - Ring Adds End-To-End Encryption Finally
Security In Five Podcast
Ring is rolling out end-to-end encryption to their products. This episode talks about what this means and how it works.
info_outline
Episode 902 - Questions Hackers Ask Before They Attack You
Security In Five Podcast
Thinking like a hacker can help you protect yourself. This episode talks about the questions hackers ask before they attack a target.
info_outline
Episode 901 - Google Titan Key Can Be Cloned, But I Wouldn't Worry About It Too Much
Security In Five Podcast
Security researchers reported they were able to clone Google's Titan Security Key. The Titan is a hardware device to greatly improve multi-factor authentication. This episode talks about how the researchers were able to clone it and why you shouldn't be too worried about this or stop using your Titan keys.
info_outline
Episode 900 - Fired Healthcare Exec Used Secret Backdoor Caused Major Problems
Security In Five Podcast
A fired healthcare worker used a secret account to cause havoc after he left. This episode talks about the controls you can put in place to help detect behavior like this and how looking at data with proper business context can help you protect it better.
info_outlineThe first in a series of ten episodes going over each of the OWASP Top 10 items. A1 deals with Injection. This episode goes over the very high level description on what it is, how it's exploited and the damage that can be done.
Reference Links:
SQL Injection Prevention Cheat Sheet
Query Parameterization Cheat Sheet
OWASP SQL Injection Testing Guide
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com