惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

L
Lohrmann on Cybersecurity
Martin Fowler
Martin Fowler
Engineering at Meta
Engineering at Meta
腾讯CDC
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Microsoft Azure Blog
Microsoft Azure Blog
G
Google Developers Blog
TaoSecurity Blog
TaoSecurity Blog
博客园_首页
Vercel News
Vercel News
Hugging Face - Blog
Hugging Face - Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Last Week in AI
Last Week in AI
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
T
The Exploit Database - CXSecurity.com
量子位
Project Zero
Project Zero
A
Arctic Wolf
小众软件
小众软件
NISL@THU
NISL@THU
C
CERT Recently Published Vulnerability Notes
有赞技术团队
有赞技术团队
MongoDB | Blog
MongoDB | Blog
博客园 - 聂微东
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
N
News and Events Feed by Topic
宝玉的分享
宝玉的分享
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
T
Troy Hunt's Blog
P
Privacy & Cybersecurity Law Blog
Security Latest
Security Latest
B
Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
D
DataBreaches.Net
Schneier on Security
Schneier on Security
The Hacker News
The Hacker News
K
Kaspersky official blog
C
Check Point Blog
Hacker News: Ask HN
Hacker News: Ask HN
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Webroot Blog
Webroot Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
人人都是产品经理
人人都是产品经理
AI
AI
Cisco Talos Blog
Cisco Talos Blog
MyScale Blog
MyScale Blog
Cloudbric
Cloudbric
B
Blog RSS Feed
S
Schneier on Security
P
Palo Alto Networks Blog

Security Weekly Podcast Network (Audio)

Security Weekly Podcast Network (Audio): Why AI Just Broke Traditional IT Security as Leaders Clash Over AI Security Weekly Podcast Network (Audio): Dune References, FAT, Claude, ZhiPu, PolinRider, RentaBot, Sony, Aaran Leyland & More - SWN #596 Security Weekly Podcast Network (Audio): Defense-in-depth strategies for securing mobile applications - Ryan Lloyd - ASW #390 Security Weekly Podcast Network (Audio): Mastering agent permissions and Identiverse interviews - Howard Ting, Ajay Gupta, Sandy Bird, Amir Ofek - ESW #466 Security Weekly Podcast Network (Audio): Beyond the AI Hype, Cyber Readiness in the Age of AI - Gibb Witham - SWN #595 Security Weekly Podcast Network (Audio): Linux Tech Segment & Vulnerabilities Galore - PSW #933 Security Weekly Podcast Network (Audio): Performance Through People as Executives Struggle and Mentorship Matters - Greg Hoffman - BSW #454 Security Weekly Podcast Network (Audio): AI Cocaine Recipes, Russian Hack, Scattered Spider, Cisco, Amazon Q – Aaran Leyland - SWN #594 Security Weekly Podcast Network (Audio): Reducing Attack Surface & Evaluating Efficiency in Agents - Itamar Apelblat, David Goldschlag - ASW #389 Security Weekly Podcast Network (Audio): Fixing pentesting, Meta is destroying its engineering org, the weekly news - Adriel Desautels - ESW #465 Security Weekly Podcast Network (Audio): AI Brain Harvest, Fortibleed, Win 10, Blacksite, Windchill, Cisco, BB-8, Josh Marpet - SWN #593 Security Weekly Podcast Network (Audio): Cloud Visibility, Fortibleed, hacking things the easy way - Sandy Bird - PSW #932 Security Weekly Podcast Network (Audio): The Strategic Human Firewall as AI Impacts Regulations, Cyber Pros, and Employees - Robert Siciliano - BSW #453 Security Weekly Podcast Network (Audio): Turing, BODS, Struwwelpeter, EO-14409, VBScript, Pixemsmash, Cloudflare, Aaran Leylan - SWN #592 Security Weekly Podcast Network (Audio): How AI Is Reshaping Identity Security at the Infrastructure Layer - Amit Masand, Neha Duggal, Ev Kontsevoy - ASW #388 Security Weekly Podcast Network (Audio): Navigating Shadow AI in the Enterprise, Verizon Security Weekly Podcast Network (Audio): LLMS, Identity, EDR, JiGong, QiLin, Warlock, with Rob Allen from Threatlocker... - Rob Allen - SWN #591 Security Weekly Podcast Network (Audio): GPS, PCI, ARCH, OH MY! - PSW #931 Security Weekly Podcast Network (Audio): Enterprise Browers in the Age of AI as CISO Role Changes and Leaders Harness Stress - Arunesh Chandra - BSW #452 Security Weekly Podcast Network (Audio): TSME, ARCH, Maine, Fable, PANOS, Doug Security Weekly Podcast Network (Audio): Why Does It Matter Who or What Created the Code? - Matias Madou - ASW #387 Security Weekly Podcast Network (Audio): Safe AI at scale, what happens after initial access, and the weekly enterprise news - Albert Estevez Polo, Shiva Pillay - ESW #463 Security Weekly Podcast Network (Audio): Phones, Sarlaccs, Maine, Chinese Sites, Ivanti, Bitlocker, Peoplesoft, and More - SWN #589 Security Weekly Podcast Network (Audio): Trolling Microsoft With Vulnerabilities - PSW #930 Security Weekly Podcast Network (Audio): Innovation Without Data Security Risk as AI Unlocks Budgets and Identity Challenges - Tony Kelly - BSW #451 Security Weekly Podcast Network (Audio): Geinbot, SolarWinds, Brave, UNK_Deaddrop, durabletask, Insta, Aaran Leyland... - SWN #588 Security Weekly Podcast Network (Audio): Scanner Results Are a Starting Point. Here Security Weekly Podcast Network (Audio): The State of AI in SecOps, the Unintended Consequences of Vulnmaxxing, and the News - Filip Stojkovski - ESW #462 Security Weekly Podcast Network (Audio): Local AI, Salesforce, Fluttershell, Aspose, http/2, Cisco, Used Tech, Josh Marpet - SWN #587 Security Weekly Podcast Network (Audio): Security Researchers Are Threat Actors - PSW #929 Security Weekly Podcast Network (Audio): Scaling to $100M as the Security Weekly Index Hits an All Time High - Joshua Gould - BSW #450 Security Weekly Podcast Network (Audio): Heraclitus, AI LLMs, SSO, TTP, NetLogon, PAN-OS, AI Cost, Aaran Leyland... - SWN #586 Security Weekly Podcast Network (Audio): BadHost, Dead CTFs, Exploding NPMs, and the Verizon DBIR - ASW #385 Security Weekly Podcast Network (Audio): Helping defense Security Weekly Podcast Network (Audio): Sidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Beliefs, Josh Marpet - SWN #585 Security Weekly Podcast Network (Audio): Linux Supply Chain How-To - PSW #928 Security Weekly Podcast Network (Audio): What Security Leaders Should Expect from RSAC - Joseph Blankenship - BSW #449 Security Weekly Podcast Network (Audio): Listening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland - SWN #584 Security Weekly Podcast Network (Audio): AppSec Conversations on Agents, LLMs, and OWASP from RSAC - Merritt Maxim, Scott Clinton, Janet Worthington - ASW #384 Security Weekly Podcast Network (Audio): Visibility with EDR/MDR is still important, Security Weekly Podcast Network (Audio): TVs, Old York, Flipper One, Ubiquity, Underminr, CISOs, GitHub, Josh Marpet... - SWN #583 Security Weekly Podcast Network (Audio): FCC, Github, MiniShai-hulud, Stated of Supply Chain, Itron, CRA, NIS2, and more!! - PSW #927 Security Weekly Podcast Network (Audio): Shift to Prevention and Enforcement as We Repeat Security Mistakes With AI - Rob Allen - BSW #448 Security Weekly Podcast Network (Audio): My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, , GitHub, Aaran Leyland... - SWN #582 Security Weekly Podcast Network (Audio): The State of AI & AppSec - Keith Hoodlet - ASW #383 Security Weekly Podcast Network (Audio): AI Has a data problem, cascading breaches, and the weekly news - Dimitri Sirota - ESW #459 Security Weekly Podcast Network (Audio): Cisco, Canvas, Microsoft, Exchange 0-Days, NPM Backdoors, GPT-5.5 and more... - SWN #581 Security Weekly Podcast Network (Audio): You Security Weekly Podcast Network (Audio): Optimize Legal Operations as the CISO Role Changes to Address Skills Gaps and AI - Walter Scott Wilkens - BSW #447 Security Weekly Podcast Network (Audio): Tomato, JDownloader, TempPCP, Bad Vibes, Dirty Frag, Giedi Prime, Aaran Leyland... - SWN #580 Security Weekly Podcast Network (Audio): Why Basic Security Practices Still Work - Rob Allen - ASW #382 Security Weekly Podcast Network (Audio): The impact of Mythos and Florida Man, confidence gaps, phishing, & AI adoption - Chris Wallis, Deepen Desai, Erich Kron - ESW #458 Security Weekly Podcast Network (Audio): Canvas, Shai-Hulud, QuasarRat, 0Days, Anthropic, Aaran Leyland, and EU Compliance! - SWN #579 Security Weekly Podcast Network (Audio): Getting Rid of Your VPN - Rob Allen - PSW #925 Security Weekly Podcast Network (Audio): Teach to Sell and Two Interviews from RSAC 2026 from Dropzone AI and Microsoft - Dan Rochon, Arunesh Chandra, Edward Wu - BSW #446 Security Weekly Podcast Network (Audio): Zino, 0auth, VSS, Mental Health Hackers, 3 Days of KEV, Copy/Fail, AI, Aaran Leyland - SWN #578 Security Weekly Podcast Network (Audio): Keeping Up With the OWASP GenAI Project - Scott Clinton - ASW #381 Security Weekly Podcast Network (Audio): Post Quantum Migration Struggles, AI Threats, and Modern Defenses - HD Moore, Ramin Farassat, Eyal Benishti, Daniel dos Santos, Bobby Ford - ESW #457 Security Weekly Podcast Network (Audio): DOS, Seneca the Younger, Outlook, CopyFail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet - SWN #577 Security Weekly Podcast Network (Audio): FIRESTARTER - PSW #924 Security Weekly Podcast Network (Audio): The Next Frontier: Autonomous Security and RSAC Interviews from Quantro & SandboxAQ - Marc Manzano, Mark Hughes, Mehul Revankar - BSW #445 Security Weekly Podcast Network (Audio): Elfsmasher, PYPI, Facebook, Glassworm, Medtronic, OpenSSH, Sararimen, Aaran Leyland - SWN #576 Security Weekly Podcast Network (Audio): Top 10 Web Hacking Techniques of 2025 and a Hint for 2026 - James Kettle - ASW #380 Security Weekly Podcast Network (Audio): Rethinking Security from the OS Up in the Age of AI and more RSAC 2026 Interviews - Karen Heart, Sachin Jade, Phil Calvin, Craig Sanderson, Travis Wong - ESW #456 Security Weekly Podcast Network (Audio): Scylla &Charybdis, Kyber, Trigonia, Namastex, GitHub, Crypto, Cables, Aaran Leyland - SWN #575 Security Weekly Podcast Network (Audio): Back to (or Start) Fundamentals? - Rajesh Khazanchi - PSW #923 Security Weekly Podcast Network (Audio): From Shame to Fame: Changing Behaviors and RSAC Interviews from Tanium and Illumio - Andrew Rubin, Craig Taylor, Tim Morris - BSW #444 Security Weekly Podcast Network (Audio): Robosawmill, Gentleman, Vercel, GitHub, Claude, RS232, Josh Marpet, and More... - SWN #574 Security Weekly Podcast Network (Audio): The Human Aspect of Red Teams - Brian Fox, Tom Tovar, T. Gwyddon Security Weekly Podcast Network (Audio): Making AI actually work in the enterprise and more RSAC Conference 2026 interviews - Camellia Chan, Aamir Lakhani, Jim Spignardo, Jody Brazil, Ely Abramovitch - ESW #455 Security Weekly Podcast Network (Audio): Dougbot, RedSun, ATHR, Vishing, Cisco, Google, Chrome, Severance, Shor, Josh Marpet.. - SWN #573 Security Weekly Podcast Network (Audio): The AI "Vulnpocolypse" Is Real? - PSW #922 Security Weekly Podcast Network (Audio): Not All CISO Gigs Are Created Equal and RSAC Interviews from ESET and Mimecast - Rob Juncker, Joanna Chen, Tony Anscombe - BSW #443 Security Weekly Podcast Network (Audio): Zuckbot, Rockstar, Klaude, Browsers Galore, Microsoft 365, ATC, Kieran Human and more - Kieran Human - SWN #572 Security Weekly Podcast Network (Audio): Securing Software Security Weekly Podcast Network (Audio): We catch up on the news, including AI vuln hunting; also more RSAC interviews! - John Wilson, Mark Lambert, Georges Bossert, Samuel Hassine - ESW #454 Security Weekly Podcast Network (Audio): Staypuft, Claude, One Pixel, deepfakes, Raccoon, BOFH, Satoshi Nakamoto, Josh Marpet. - SWN #571 Security Weekly Podcast Network (Audio): AI Makes All Bug Shallow? - PSW #921 Security Weekly Podcast Network (Audio): Zero Trust Readiness and Two RSAC 2026 Interviews from Fenix24 and Absolute Security - John Bruggeman, Christy Wyatt, John Anthony Smith - BSW #442 Security Weekly Podcast Network (Audio): Cthullu, BlueHammer, NK, CUPs, Axios, Fortinet, Cognitive Surrender, Aaran Leyland - SWN #570 Security Weekly Podcast Network (Audio): AppSec News Roundup on Claude Code Leak, Axios NPM Compromise, Secure Design - Idan Plotnik, Raj Mallempati - ASW #377 Security Weekly Podcast Network (Audio): Battling payment fraud with tokenization and executive interviews from RSAC 2026 - Jimmy White, Thyaga Vasudevan, Brian Oh, Mickey Bresman, Ashish Jain - ESW #453 Security Weekly Podcast Network (Audio): DexterBot, Darksword, Eviltokens, Tubular Bells, Claude, Drift, Gmail, Josh Marpet... - SWN #569 Security Weekly Podcast Network (Audio): What Is A Router? (And all things AI) - PSW #920 Security Weekly Podcast Network (Audio): Executive Paralysis and Two Pre-Recorded RSAC 2026 Interviews from DigiCert and Okta - Amit Sinha, Ann Marie van den Hurk, Matt Immler - BSW #441 Security Weekly Podcast Network (Audio): Beyond the Hype: Cyber Readiness, Zero Trust, and an Unscripted Conversation - Rob Allen, Gibb Witham - SWN #568 Security Weekly Podcast Network (Audio): Developing the Skills Needed for Modern Software Development - Keith Hoodlet, Shashwat Sehgal, Ron Rasin - ASW #376 Security Weekly Podcast Network (Audio): Oops, all Interviews: Switching to Cyber, CISO Reflections, and the State of TPCRM - Alexandre Sieira, Lenny Zeltser, Helen Patton - ESW #452 Security Weekly Podcast Network (Audio): Scam Baiting, AI, and the New Grift Economy, Part 2 - Rinoa Poison - SWN #567 Security Weekly Podcast Network (Audio): Scanning The Internet with Linux Tools - PSW #919 Security Weekly Podcast Network (Audio): Say Easy, Do Hard - Crypto-Agility - BSW #440 Security Weekly Podcast Network (Audio): Scam Baiting, AI, and the New Grift Economy, Part 1 - Rinoa Poison - SWN #566 Security Weekly Podcast Network (Audio): Why Proactive Security Is Far Better Than Patching - Erik Nost - ASW #375 Security Weekly Podcast Network (Audio): Can AI help critical infrastructure, the state of the cyber market, and weekly news - Mike Privette, Kara Sprague - ESW #451 Security Weekly Podcast Network (Audio): Ahab and Peewee Herman, Zoom, Vibe Hacking, SharePoint, Meta, AgeID, Josh Marpet - SWN #565 Security Weekly Podcast Network (Audio): Hacking IP KVMs & Reversing with Radare2 - Sergi Àlvarez - PSW #918 Security Weekly Podcast Network (Audio): Language of the Board as CISO-Board Time Falls Short and CISOs Struggle with Risk - Ben Wilcox - BSW #439 Security Weekly Podcast Network (Audio): AI Spicy Mode, Steam, Glassworm, Samsung, Stryker, Waymo, Cole Porter, and More - SWN #564 Security Weekly Podcast Network (Audio): Creating Better Security Guidance and Code with LLMs - Mark Curphey - ASW #374 Security Weekly Podcast Network (Audio): AI Governance, new book (Code War) from Allie Mellen, and the weekly news! - Jeremy Snyder, Allie Mellen - ESW #450
Security Weekly Podcast Network (Audio): The Growth of Women in Cybersecurity Has Slowed - Why, and What Can We Do About It? - Lynn Dohm - ESW #392
2025-02-03 · via Security Weekly Podcast Network (Audio)

Feb 3, 2025

Celebrating and Elevating Women in Cyber: Recently, International Women in Cyber Day (September 1) highlighted the ongoing challenges women face in the cybersecurity field, as well as the progress made in recent years. Women bring exceptional skills and knowledge to cybersecurity; however, it is estimated that they make up only 20% to 25% of the cybersecurity workforce—a percentage that has remained stagnant for years. Even more concerning, women often hit a glass ceiling just six to ten years into their cybersecurity careers. Lynn Dohm sheds light on these issues and emphasizes what the industry needs to focus on to continue celebrating and elevating women in cyber.

Segment Resources:

This week, we've added an extra news segment just on AI. Not because we wanted to, but because the news cycle has bludgeoned us into it. My mom is asking about Chinese AI, my neighbor wants to know why his stocks tanked, my clients want to know how to prevent their employees from using DeepSeek, it's a mess.

First, a DeepSeek primer, so we can make sure all Enterprise Security Weekly listeners know what they need to know. Then we get into some other AI news stories.

DeepSeek Primer

I think the most interesting aspect of the DeepSeek announcements is the business/market impact, which isn't really security-related, but could have some impact on security teams. By introducing models that are cheaper to train, sell access to, and less demanding to run on systems, DeepSeek has opened up more market opportunities. That means we'll see generative AI used in markets and ways that didn't make sense before, because it was too expensive.

Another aspect that's really confusing is what DeepSeek is or does. For the most part, when someone says "DeepSeek", they could be referring to:

  • the company
  • the open source models released by the company
  • the SaaS service (https://chat.deepseek.com)
  • the mobile app (which is effectively just a front end for #3)
  • the API (which is what the mobile app and SaaS service are built on top of)

From a security perspective, there's little to no operational risk around downloading and using the models, though they're likely to get banned, so companies could get in trouble for using them. As for the app, API, or SaaS service, assume everything you type into them is getting collected by China (so, significantly less safe, probably no US companies should do this).

But because these services are crazy cheap right now, I wouldn't be surprised if some suppliers and third parties will start using DeepSeek - if your third party service provider is using DeepSeek behind the scenes with your data, you still have problem #2, so best to ensure they're not doing this through updated contract language and call to confirm that they're not currently doing it (can take a while to get a new contract in place).

This week in the enterprise security weekly news, we discuss

  1. funding and acquisitions
  2. Understanding the Semgrep license drama
  3. Ridiculous vulnerabilities everywhere:
  4. vulns to take down your entire city’s cell service
  5. vulns to mess with your Subarus
  6. vulns in Microsoft 365 authentication
  7. cybersecurity regulations are worthless
  8. Facebook is banning people for mentioning Linux
  9. Vigilantes on Github
  10. Mastercard DNS error
  11. Qubes OS
  12. Turning a "No" into a conversation

All that and more, on this episode of Enterprise Security Weekly!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-392