Cover art for podcast Security In Five Podcast

Security In Five Podcast

805 EpisodesProduced by Binary BloggerWebsite

Security In 5 podcast brings you security news, tips, opinions in the area of Information, IT and general security...all in about five minutes. Easy to listen to, easy to understand and adding awareness to help you strengthen your personal and business security posture. Be aware, be secure.

episodes iconAll Episodes

Episode 805 - China Blocking TLS 1.3, Here's Why And Why You Should Want To Use It

August 11th, 2020


China recently upgraded its Great Firewall to block and ban traffic using TLS 1.3. This episode talks about what TLS 1.3 provides and why China and others may want to block that.

Be aware, be safe.

Become A Patron!

Episode 804 - Have I Been Pwned Going Open Source

August 10th, 2020


Have I Been Pwned is a resource where you can find out if your email account has been involved in a public breach. This episode talks about a big …

Episode 803 - Tools, Tips and Tricks - Unroll.Me

August 7th, 2020


This week's tools, tips and tricks talks about This service will help you identify all those subscription emails you have collected over …

Episode 802 - What Is Up With The TikTok Ban

August 6th, 2020


TikTok is the thorn in security professional's sides. This app is a data vacuum and is accused of collecting more data than they admit and …

Episode 801 - The Best Practice To Handle Ransomware Are Backups and Zero Tolerance

August 5th, 2020


A health care company in New Jersey was hit by ransomware but they didn't pay and recovered from it. This episode talks about ransomware and the best practice to recover from it.

Be aware, be safe.

Become A Patron!

Epsiode 800 - 800th Episode - Thank You And How I Do The Podcast

August 4th, 2020


Another milestone reached; 800 episodes! This is a big thank you who tune in each day and I talk about how I started and keep doing to the podcast.

If you want to be a guest on the show, want to publish a blog article …

Episode 799 - Twitter Hack Pulled Off By A 17 Year Old Kid

August 3rd, 2020


Twitter was hacked and high profile accounts were used to steal money from unsuspecting users. This episode talks about the recent arrests of the alleged masterminds and you'll be surprised who they are and how they …

Episode 798 - Tools, Tips and Tricks - Signal

July 31st, 2020


This week's tools, tips, and tricks talks about the communication app Signal. If you care about your privacy and security when you communicate on …

Episode 797 - New Tool Helps You Find Shadow Admin Account In AWS and Azure

July 30th, 2020


CyberArk released a new tool for AWS and Azure to help you find Shadow Admin accounts. This episode talks about how the tool works and why you should …

Episode 796 - Facebook New Privacy Features Is Not A Security Improvement

July 29th, 2020


This episode talks about the underlying security of Facebook Messenger and how the new privacy features don't necessarily make the app any more secure.

Be aware, be safe.

Become A Patron! Patreon Page

*** Support the …

Episode 795 - Garmin Suffers Multi-Day Outage Due To Ransomware

July 28th, 2020


Garmin suffered a 5 day outage of their systems and services this week. This episode talks about the details of the outage and how this is a caution for your business going forward to protect yourself from a similar …

Episode 794 - Facebook Adds New Privacy Features To Messenger

July 27th, 2020


Facebook has rolled out a few new features in Messenger to help improve security and privacy. This episode goes through the new features and how to …

Epsiode 793 - Tools, Tips and Tricks - Milanote

July 24th, 2020


This week's tools, tips and tricks talks about a great planning tool called Milanote. This tool was given to me as a trial to check it out and I …

Episode 792 - North Korean Hackers Found Using Malware Framework To Carry Out Attacks

July 23rd, 2020


This episode talks about a newly discovered malware framework being used by a hacking group with ties to North Korea. This will shock you and give you more insight to what cybersecurity programs are up against defending …

Episode 791 - IoT Strikes Again - The UK Looks To Destroy Non Compliant Devices

July 22nd, 2020


IoT Strikes Again! The UK Government has proposed new laws to crack down on manufacturers that produce smart devices. This episode talks about what these security proposals are and why this is a very good thing for you.

Episode 790 - Thousands of F5 Big-IP Devices Still Unpatched From Level 10 Vulnerability

July 21st, 2020


A few weeks ago the US Cyber Command released an urgent alert on a vulnerability on F5 Big-IP devices. This vulnerability is so critical it was given …

Episode 789 - Huge Cloudflare Outage Shows The Fragility Of The Internet

July 20th, 2020


Last week Cloudflare, an Internet Service giant, suffered an outage caused by an internal change that went sideways. This episode talks about the outage, how it happened and how it shows the fragility of the Internet.

Episode 788 - Tools, Tips and Tricks - Best Free Wifi Scanner

July 17th, 2020


This week's tools, tips and tricks episode talks about a utility you will find very useful to help you tune your wifi network. WiFi Scanner by Lizard …

Episode 786 - Recent Twitter Hack Had Inside Help

July 16th, 2020


This week Twitter suffered a hack of some of their top accounts. Celebrity, high profile politicians, corporation's accounts were compromised and …

Episode 786 - The Big Firms Are Agreeing To Limit TLS Certificate Lifespans To 1 Year

July 15th, 2020


Mozilla, Apple, and Google are agreeing to limit TLC certificate lifespans through their browsers to 1 year, 398 days. This episode talks about why this is a security move but also why there is push back on this from IT …

Episode 785 - OAuth Attacks Are On The Rise, What Is It And How To Protect Yourself

July 14th, 2020


Phishing attacks are evolving to find new, sneakier ways to compromise your accounts and get your data. This episode talks about the rise of OAuth, …

Episode 784 - US Secret Service Strengthens Their Fight Against Cyber Crimes

July 13th, 2020


The US Secret Service announced a new task force aimed at financially motivated cybercrimes. This episode talks about this new task force and how you can reflect on its creation to your business.

Be aware, be safe.

Episode 783 - Tools, Tips and Tricks - Backing Up Your Home Data Regularly

July 10th, 2020


This week's tools, tips, and tricks episode talks about backups. Backups are one of the most valuable routines you should have in your networks. This …

Epsiode 782 - The US Is Looking To Ban TikTok

July 9th, 2020


The United States is taking personal privacy very seriously. The Secretary of State has come out and remarked that the US is looking to ban TikTok. This episode goes into what this means and if others around the world …

Episode 781 - Widespread HTTPS Adoption Means Security Protection Need To Evolve, Here's Why

July 8th, 2020


HTTPS adoption for all web apps is a good thing. However, if it's easy for you to set up it's easy for cyber-criminals to do the same. This episode …

Episode 780 - California CCPA Is At Full Strength Enforcement This Month

July 7th, 2020


The California CCPA was signed into law two years ago, went into effect Jan. 1, 2020 but on July 1, 2020, is now fully enforced. This episode talks …

Episode 779 - Political Campaign Apps Are Data Collection Gold Mines

July 6th, 2020


Political candidates are using apps more than ever to reach supporters and potential voters. However, these apps are a direct line to your data. This …

Episode 768 - Tools, Tips and Tricks - Windows File Recovery Tool

July 2nd, 2020


This week's tools, tips and tricks talks about a new Windows File Recovery tool. There are times that everyone hits the wrong key and deletes files …

Episode 777 - iOS 14 Privacy Features Breakdown

July 1st, 2020


iOS 14 will put more privacy control into the hands of the users. This episode breaks down the top privacy features coming in the new iOS release.

Be …

Episode 776 - iOS 14 New Privacy Features Exposes TikTok Behavior

June 30th, 2020


iOS 14 is coming this fall, 2020, but it's out in the wild in beta. Already the new privacy features are exposing apps bad behavior that until now was unknown to the users. This episode talks about what behavior TikTok …

Episode 775 - Lucifer Malware Raging Havoc On Enterprise Windows Machines

June 29th, 2020


A newly discovered malware dubbed Lucifer is raging havoc on Windows machines, primarily in the enterprise. This episode talks about what makes Lucifer so nasty and what you can do to protect your business against it.

Episode 774 - Tools, Tips and Tricks - Turn Off Apple's Secret Detailed Tracking On Your Phone

June 26th, 2020


Apple is one of the more transparent companies when it comes to security and privacy practices. However, that doesn't mean their products are …

Episode 773 - Unemployment Fraud, Why You Need To Understand How Scams Work To Protect

June 25th, 2020


Frauds and scams are running rampant right now but it's not enough to identify them and brush them aside. It's important to know how these work in order to get a better insight on where the criminals are getting their …

Episode 772 - IoT Strikes Again - Do Not Forget About Your Corporate Printers

June 24th, 2020


Internet-enabled devices are commonplace and each one can be a new vector of attack and surveillance on your networks. This episode talks about a new report from Shadowserver Foundation on their new scan for exposed …

Episode 771 - Adobe Wants You To Uninstall Flash, Time To Finally Let It Go

June 23rd, 2020


Adobe Flash has had its day and the true End Of Life is growing closer. This episode talks about Flash and what Adobe is doing to ensure Flash is wiped off the Internet.

Be aware, be safe.

Become A Patron! Patreon Page

Episode 770 - Zoom Flips, Will Offer End to End Encryption For All But With A Catch

June 22nd, 2020


Zoom announced a few weeks ago they would not be offering end to end encryption for free users. This cause outrage and Zoom have changed their stance …

Episode 769 - Tools, Tips and Tricks - How To Check Your Network From The Internet Tips

June 19th, 2020


This episode talks about some tips on how to check your network from the Internet. It's important to look at your network as hackers would.

Get your …

Episode 768 - Google Multi-Factor Defaulting To Phone Notifications, Not SMS Text

June 18th, 2020


Multi-factor authentication should be enabled everywhere you can. However, if you use SMS text messages to get your codes that method is not as …

Episode 767 - Covid Contact Tracing Apps, Most Americans Reject The Idea

June 17th, 2020


Contact tracing apps are powerful tools for researchers to track where the virus is spreading. However, the apps that have been released haven't been …

Episode 766 - WFH Alert, Consider Upgrading Your Old Routers

June 16th, 2020


Working at home has become the current normal but are you using vulnerable equipment? This episode talks about the importance of keeping up to date …

Episode 765 - Business Owner Gets Threats After Hackers Post Racist Messages

June 15th, 2020


Hackers are not about stealing your data or money. Hackers can cause serious damage to your business just by taking control of one social media …

Episode 764 - Tools, Tips and Tricks - Live Universal Awareness Map

June 12th, 2020


This week's tools, tips and tricks episode I talk about a news aggregator for serious events called the Live Universal Awareness Map. This map pulls …

Episode 763 - Mobile Banking Attacks On The Rise, FBI Warns

June 11th, 2020


The FBI issued a warning that users of mobile banking apps are on the rise. This episode talks about the things you can do to help identify and protect your mobile app use.

Be aware, be safe.

Become A Patron! Patreon …

Episode 762 - Special Guest - Darkweb Discussion With Design IT Solutions Founder

June 10th, 2020


This episode I welcome the president and founder of Design IT Soltuions to talk about the Darkweb. What is it? How your data ends up there and some …

Episode 761 - Business Email Compromise Scams Are On The Rise, What Can You Do About It

June 9th, 2020


Business Email Compromise Scams (BEC) are on the rise. This episode talks about how BEC scams work, a scammer that was caught, and what you can do to prevent becoming a victim to one.

Be aware, be safe.

Become A Patron!

Episode 760 - FTC Hits App Developer With COPPA Violation Fine, What Is COPPA?

June 8th, 2020


The Child Online Privacy Protection Act (COPPA) is a regulation aimed to keep children's data private and keep parents notified on an application's …

Episode 759 - Tools, Tips and Tricks -

June 5th, 2020


This week's tools, tips, and tricks talks about Back in episode 749, I had the CEO of Startpage on the podcast talking about the …

Episode 758 - Apple Tracking Looted iPhones

June 4th, 2020


Apple warns looters it can track all stolen iPhones. This episode talks about this feature that has been rumored but now confirmed.

Be aware, be safe.

Episode 757 - Want Encryption In Your Zoom Meeting, You Better Pay Up Or You Get Nothing

June 3rd, 2020


Zoom has announced that they are not 100% on board with your privacy, especially if you use the Free version of Zoom. This episode talks about what the Free version doesn't have and why Zoom chose to release it that way.

Episode 756 - Apple Pays $100,000 Bounty For Critical Sign In With Apple Bug

June 2nd, 2020


Apple paid out $100,000 to a security researcher for discovering a critical security defect with the Sign In With Apple feature. This has been fixed by Apple and this episode goes over what the bug was and why it …

Episode 755 - Minneapolis Hit By Cyberattack

June 1st, 2020


During the riots in Minneapolis the city websites were hit with a Denial of Service attack. This episode talks about what it did and how risk …

Episode 754 - Tools, Tips and Tricks - Vivaldi

May 29th, 2020


Last week I had the CEO of Vivaldi on the show and this week's tools, tips and tricks talks about the browser in more detail and with my opinion on …

Episode 753 - Trump Press Secretary Made A Mistake Revealing Sensitive Banking Info, A Caution For You Too

May 28th, 2020


Trump's press secretary made an innocent mistake to prove a point but revealed sensitive banking information at the same time. She flashed a check that was a donation of Trump's salary to a government department. …

Episode 752 - Flight Risk Employees Post Greatest Insider Threat

May 27th, 2020


A study of insider breaches revealed that the great insider threats are employees that are leaving the company soon or are deemed flight risks. This episode talks about this and things you can do as a security program …

Episode 751 - Special Guest Episode - Ransomware Discussion With Optiv CISO

May 26th, 2020


This episode I welcome another special guest. The Chief Information Security Officer from Optiv. We discuss ransomware in this new remote work world we find ourselves in and the challenges for businesses and individuals …

Episode 750 - LastPass Psychology of Passwords Report Review

May 21st, 2020


LastPass released their Psychology of Passwords report. This episode goes through the highlights of the report and talks about what you can do to …

Episode 749 - Special Guest Episode - CEOs From Vivaldi And Startpage With An Announcement

May 20th, 2020


This episode welcomes two special guests the CEO and Co-Founder of Vivaldi and the CEO and Co-Founder of Vivaldi is a privacy-focused web browser and is the world's most private search …

Episode 748 - Clever New Office 365 Phishing Can Bypass MFA

May 19th, 2020


Phishing is on the rise coming after all the remote workers. There is a new phishing campaign around Office 365 that can trick you to bypass your …

Episode 747 - Ransomware Attacks Evolve To Distruptionware

May 18th, 2020


Ransomware is one of the most common attacks that cause the most disruptions to businesses. Now they are evolving their tactics to the next level. …

Episode 746 - Tools, Tips and Tricks - Home Network Hacks

May 15th, 2020


This week's tools, tips, and tricks talk about a few home network hacks. Your equipment is good enough but there are things you can do to greatly …

Episode 745 - WordPress Plug-In Impacts 1 Million Websites, Don't Forget To Update Everything

May 14th, 2020


A report came out that a popular WordPress plugin with over 1 million active installs has two very serious security flaws. This episode talks about …

Episode 744 - State Sponsored Hackers Going After Vaccine Research

May 13th, 2020


The US FBI and Department Homeland Security is expected to send out a warning about state-sponsored hacking groups going after vaccine researchers. This episode talks about what this means and the steps you can take to …

Episode 743 - You Should Have And Use A Paper Shredder

May 12th, 2020


Working at home, kids schooling at home chances are you are dealing with more paper with sensitive information on it. Hackers can get your data from …

Episode 742 - Threat Modeling Is An Underappreciated Security Component

May 11th, 2020


Cloud adoption and moves to DevSecOps will continue to increase as the world comes out of this isolation. Businesses that have felt the pains of …

Epsiode 741 - Tools, Tips and Tricks -

May 8th, 2020


This week's tools, tips, and tricks talks about a mind mapping tool, Mind mapping is an effective way to get your ideas into a visual …

Episode 740 - IoT Strikes Again - Tesla Not Wiping Customer Data From Components

May 7th, 2020


Internet of Things strikes again. This series of episodes talk about the flaws in our strive to make everything electronic device able to be on the Internet. This episode talks about Tesla cars and how their storage and …

Episode 739 - Spear Phishing Compromises Over 150 Companies, How They Did It

May 6th, 2020


Spear phishing is a targeted email scam against high-level executives. This episode talks about an organized group that has compromised the emails of 150+ companies, how they did it, and some ways you can protect …

Episode 738 - Zoom Breach Was From Credential Stuffing, Not Necessarily Their Fault, Explained

May 5th, 2020


Zoom has had a rough couple of months when it comes to their security and privacy issues. A database of 500,000 accounts was found on the dark web. This episode talks about how the hackers got those accounts and in …

Episode 737 - The Most Twisted Phishing Campaign Appears, Lowest Of Lows

May 4th, 2020


Phishing attempts to prey on the fear and emotions of their victims. A new attack has popped up and it's the lowest form phishing I've seen. This …

Episode 736 - Tools, Tips and Tricks - Unplug Your Tech Life More Often

May 1st, 2020


Technology is saving us right now in this time of staying at home and distancing. This episode talks about what technology is allowing us to do but …

Episode 735 - Picking A VPN - Free Or Paid

April 30th, 2020


A Virtual Private Network should be something everyone uses in my opinion. This episode talks about the different reasons to use a VPN and whether a …

Episode 734 - Google Meet Is Now Free For Everyone, Security Posture Can Be An Advantage

April 29th, 2020


Google Meet has made the video conferencing platform free for all consumers. All you need is a Google account. This episode talks about the features of the free version and why security and privacy can be a competitive …

Episode 733 - Zoom Security Updates And Why You Should Realize Security Features Are Critical

April 28th, 2020


Zoom provided updates on their security improvement in their upcoming version 5.0 release. This episode talks about the updates and reminds you that security is not optional, users are paying attention and demand more …

Episode 732 - Nintendo Confirms Breached Accounts, Enable Multi-Factor Now

April 27th, 2020


Nintendo has confirmed that they suffered a breach where Nintendo accounts were compromised. This episode talks about the breach and why and how it's …

Episode 731 - Tools, Tips and Tricks - Use Agile To Create Your Own HomeOps Program

April 24th, 2020


This week's tools, tips and tricks episode talks about using Agile methods to help create more efficiency at home. From your kid's school work to …

IoT Strikes Again - Working Remote With Listening Devices Around

April 23rd, 2020


Internet of Things Strikes Again! This episode talks about the IoT listening devices you may have in your home and tips to help keep your private and business work secure. The devices are listening and recording and you …

Episode 729 - What To Look For In IRS Stimulus Check Scams

April 22nd, 2020


The economic impact payments, or "Stimulus Checks" are going out and are prime targets for scammers. This episode lays out what red flags you need to …

Episode 728 - Hacking Attacks Increase As Employees Goes Remote

April 21st, 2020


Remote employees are prime targets for hackers and they are taking advantage of it. This episode talks about the increase of hacking attacks and what can be done to curtain these increased threats.

Be aware, be safe.

Episode 727 - New Sophisticated Phishing Campaign Targeting GitHub

April 20th, 2020


Microsoft owned GitHub has sent out a warning about a new sophisticated phishing campaign. These emails are very convincing and appear to be extremely coordinated. This episode talks about the details and what you can …

Episode 726 - Tools, Tips and Tricks - Password Meter By

April 17th, 2020


Thie week's tools, tip, and tricks was submitted by a loyal listener. This website allows you to check the strength of your passwords and suggest …

Episode 725 - 25% Of DevOps Suffer Open Source Component Breaches

April 16th, 2020


A survey of over 5,000 software professionals stated that 1 quarter of DevOps applications suffered a breach linked to 3rd party open source components. This episode talks about the importance of open source management …

Episode 724 - Be Aware Of Fleeceware Apps

April 15th, 2020


There are many types of 'wares' out there. A new growing trend is something called Fleeceware. This episode talks about what it is and why you should …

Episode 723 - The Many Ways Hackers Are Using Coronavirus To Come After You.

April 14th, 2020


Hackers are using the Coronavirus situation in every type of attacks they conduct. This episode talks about other kinds of methods they use, other than phishing, to come after you.

Be aware, be safe.

Become A Patron!

Episode 722 - Phishing Attacks Are Going After Your Fear

April 13th, 2020


Phishing attacks are successful when they get people to act on their emotions rather than logic. This episode talks about reports from Microsoft and …

Episode 721 - Tools, Tips and Tricks - ATT&T Call Protect

April 10th, 2020


Thie week's tools, tips and tricks episode talks about an app from AT&T that can help protect you from scam calls. Thie episode goes over …

Episode 720 - Scammers Going After Stimulus Checks

April 9th, 2020


Scams are on the upswing and they are using any current events as their story. The new one is going after your potential stimulus checks. This …

Episode 719 - Zoom Bombing Might Land You In Jail

April 8th, 2020


Zoom bombing is when someone gets into a Zoom conference uninvited and causes problems. They could post explicit materials to spreading hate speech. …

Episode 718 - Tightening Identity Management In A Remote Workforce

April 7th, 2020


Remote workers are challenging to manage and track from an IT and Security perspective. That's why you need to have good identity management metric to lessen the need to know where users are and rely more on the …

Episode 717 - Docker Instances Targeted In Malware Campaign

April 6th, 2020


Docker is a popular deployment method for cloud-based applications. Like other cloud services, you need to be aware of how to secure them. This …

Episode 716 - Tools, Tips and Tricks - Covid Health Data Projections

April 3rd, 2020


Thie week's tools, tips and tricks talks about a website from the Institue of Health Metrics and Evaluation ( They have a …

Episode 715 - Zoom Freezing New Updates To Fix Security Holes

April 2nd, 2020


Zoom has become very popular over the last month with an increase of users from 10 million to over 200 million. That put Zoom's privacy and security …

Episode 714 - Know The Real World Rules To Avoid Common Scams

April 1st, 2020


Scams are going to increase for everyone and the best way to detect and avoid them, in my opinion, is to understand how the real world works. This …

Episode 713 - Remote Workers Being Targeted Through Communication Software

March 31st, 2020


Hackers and scammers are circling and starting to go after the millions of new, easy targets. You. Remote workers are prime for new attacks and tricks. This episode talks about how hackers are using communication …

Episode 712 - Distance Learning Flexes All Areas Of Home Cybersecurity

March 30th, 2020


Distance Learning has started across the country and that means millions of kids are working online. Communicating, transferring files, emailing and interacting. This episode talks about the precautions parents and …

Episode 711 - Tools, Tips and Tricks - Cybersecurity Activity Book For Kids

March 27th, 2020


While we are working at home and kids are home as well it's difficult to find things to do for them. This episode talks about a cybersecurity …

Episode 710 - A Breach Of Fingerprints Shows The Downside Of Biometrics

March 26th, 2020


Biometrics is a unique identifier from the physical body of a user. It's unique but has a big downside if it's breached. This episode talks about a …

Episode 709 - Two New Windows Zero Day Bugs Being Attacked

March 25th, 2020


Two new zero-day bugs in all live Windows versions are being attacked in the wild. This episode talks about this and steps you can put in place to prevent this attack until Microsoft releases a patch.

Prevention Steps -

Episode 708 - VPN Use On The Rise, Why You Should Use One Too

March 24th, 2020


In the current situation of remote workers, Virtual Private Network use is on the rise. This episode talks about why you should use one and the …

Episode 707 - Reverse Identify Theft, People Claiming To Work For You

March 23rd, 2020


This episode talks about challenging problem inside social media sites, reverse identity theft. This is where someone will create a profile claiming to work for or associated with your company when they are not.

Be …

Episode 706 - Tools, Tips and Tricks - Kaspersky Security Cloud Free

March 20th, 2020


This week's tools, tips, and tricks talk about a free endpoint security solution for your home PCs. Kaspersky Security Cloud Free.

Review -

Episode 705 - It Is Time For Multi-Factor Authentication To Shine

March 19th, 2020


In the current situation of large scale remote workers, the use of cloud services the best security improvement you can make is enabling multi-factor …

Episode 704 - Home Router Security Tips

March 18th, 2020


In today's current events your home network is being used more often and by more people than normal. With school devices, work devices, and your own …

Episode - 703 - HHS Hit By Cyberattack, This Is Just The Beginning

March 17th, 2020


The Department of Health and Human Services (HHS) was hit by a cyberattack. This episode talks about the attack and how this is just the beginning.

Be aware, be safe.

Sign-Up For FREE security awareness training here.

Episode 702 - The 'What If' Situations Are Here, Were You Prepared

March 16th, 2020


The What-If scenarios we have talked about and hoped would never come, are here. This episode talks about what this means for your security program …

Episode 701 - Work Form Home Week - Agile + Cloud = Productivity

March 13th, 2020


This episode talks about how you can use agile mentality with collaborative cloud services to maintain and improve productivity in work at home …

Episode 700 - Work From Home Week - The Unique Management Discipline

March 12th, 2020


Episode 700, first a big thank you to all the listeners that kept motivating me to get to 700! This episode talks about the management and personal disciplines for working at home.

Be aware, be safe.

Sign-Up For FREE …

Episode 699 - Work From Home Week - Security Considerations

March 11th, 2020


Work at home employees security should not be overlooked. Security for the business assets, data and employees are vital to be maintained in a work …

Episode 698 - Work From Home Week - IT Considerations

March 10th, 2020


Work From Home week, IT Considerations. Remote employees need equipment to work with. Do you allow them to you use their own personal equipment or provide it to them? How do they connect to your network? What can they …

Episode 697 - Work From Home Week - Things To Think About

March 9th, 2020


This week will be dedicated to working at home. With the current situation in the world today perception is becoming reality as a part of that allowing employees to work remotely is something that needs to be addressed.

Episode 696 - Tools, Tips and Tricks -

March 6th, 2020


This week's tools, tips and tricks episode talks about A website with detailed instructions on how to delete your accounts off …

Episode 695 - Firefox Rolls Out DNS Over HTTPS, Here's How To Enable It

March 5th, 2020


Firefox rolled out DNS over HTTPS. For users in the US it's on by default, however, you should double-check. This episode talks about what DNS over …

Episode 694 - Shark Tank Star Loses $400k To Phishing, It Can Happen To Anyone

March 4th, 2020


Phishing campaigns are targeted and anyone can fall for them. A Shark Tank star's company was attacked and successfully phished. This episode talks …

Episode 693 - Walgreens App Leaked Customer Data, Security Failure Through Poor Testing

March 3rd, 2020


Walgreens announced that in Jan 2020 their mobile app leaked sensitive customer data. This episode talks about the data that was leaked and how the security failure happened.

Be aware, be safe.

Sign-Up For FREE security …

Episode 692 - Use The Coronavirus To Improve Your IT Disaster Recovery Plans

March 2nd, 2020


The coronoavirus is a serious situation around the globe. Is your business and personnel ready to deal with disruptions? This episode talks about how you can use the current events to improve your security and disaster …

Episode 691 - Tools, Tips and Tricks -

February 28th, 2020


Thie week's tools, tips and tricks episode talks about GitHub's status page. is a great dashboard for the current and past health of …

Episode 690 - Soft Skills IT Professionals Should Work On

February 26th, 2020


Developers and IT professionals are very well versed in their technical skills and expertise. However, there are other non-technical skills we should …

Episode 689 - The EU Chooses Signal As Their Official Messaging App

February 26th, 2020


UPDATE - I made rare goof and said WhatsApp was bought by Microsoft, this is obviously not correct, I have updated the audio with the correct Facebook reference.


The EU announced that its staff is to use the messaging …

Episode 688 - OpenDXL Ontology - The Open Source Messaging For Security Tools

February 25th, 2020


With so many security tools it's challenging to get them to talk to each other. The Open Cybersecurity Alliance (OCA) has released a new messaging …

Episode 687 - Apple Safari To Begin Rejecting HTTPS Certificates With Long Expiration

February 24th, 2020


HTTPS is becoming a huge push across the industry, which is good. Enabling HTTPS is not without its maintenance. Apple announced the Safari browser is going to pay closer attention to certificates expiration dates. This …

Episode 686 - Tools, Tips and Tricks - CRXcavator

February 21st, 2020


This week's tools, tips and tricks talk about a security risk assessment tool called CRXcavator. This service specifically scans the Google Web Store …

Episode 685 - MGM Hotels Breached, 10 Million Records Exposed

February 20th, 2020


Another day another breach to talk about. Today MGM resorts had 10 million records from a breach last year posted online. This episode talks about the breach and what you can do to protect yourself if you are part of it.

Episode 684 - 500 Malicious Chrome Extensions Removed From Google Web Store

February 19th, 2020


An investigation identified over 500 malicious Chrome extensions in the Google web store that were ultimately removed. This episode talks about what …

Episode 683 - Puerto Rico Government Loses Millions In Phishing Scam

February 18th, 2020


Another day another large entity falls for a phishing campaign. This episode talks about how the government of Puerto Rico lost $2.6 million and how you can prevent attacks like this.

Be aware, be safe.

Sign-Up For FREE …

Episode 682 - Ransomware Can Bring More Damage To Your Business - Lawsuits

February 17th, 2020


Ransomware infections can bring sudden and significant costs to your business. From IT hours to new systems, disruptions in profits to pay for credit protection. Recently a new cost is rising, defending against …

Episode 681 - Tools, Tips and Tricks - The Twelve Factor App

February 14th, 2020


This week's tools, tips, and tricks episodes talk about The Twelve Factor App. A methodology to help developers build software as a service in the …

Episode 680 - Coronavirus Being Used In New Phishing Campaigns

February 13th, 2020


Phishing will always be out there and there is a new campaign going around feeding off the Coronoavirus fears. This episode talks about what these emails look like and why phishing is so prominent.

Be aware, be safe.

Episode 679 - Google Leaked Photos Between Users

February 12th, 2020


Google announced that back in November of 2019 there was a bug in Google Takeout that had user's videos in other user's feeds. This episode talks about this event and the risks of using the cloud.

Be aware, be safe.

Episode 678 - Google Chrome To Block Downloads Over HTTP

February 11th, 2020


Google Chrome, starting with the April 2020 release, will begin to roll out blocking downloads over HTTP. This episode goes into the details and what …

Episode 677 - Four Chinese Military Members Charged With The Equifax Hack

February 10th, 2020


The US Government has officially charged foud members of the Chinese military for the Equifax breach. This episode goes into the details and the amazing forensic work to not only identify the source of the breach but …

Episode 676 - Tools, Tips and Tricks - DownDetector

February 7th, 2020


Thie week's tools, tips and tricks talks about This website comes in very handy when you are troubleshooting connection or service …

Episode 675 - Even Microsoft Struggles With Security Administration, Just Like You

February 6th, 2020


Earlier this week Microsoft Teams suffered a big outage. This episode talks about the reason for the failure and goes to show you that stupid mistakes can happen to any security team, even Microsoft.

Be aware, be safe.

Episode 674 - The Dangers And Cautions With Using Open Source Software

February 5th, 2020


Open-source software can make developing software easier and faster but there is a downside to it. This episode talks about the danger and cautions from using open source software and some things you need to do to …

Episode 673 - Google Open Sources Security Key Code

February 4th, 2020


Google announced that it will be making its OpenSK source code available to the public. This move is to help improve the project and increase the adoption of authentication security.

Source Code -

Episode 672 - Tax Identity Theft Awareness Week

February 3rd, 2020


Today kicks off the FTC's Tax Identity Theft Awareness Week. This episode talks about what it is and some things you can do to protect yourself.

FTC Awareness Website -

Episode 671 - Tools, Tips and Tricks - Manage Off-Facebook Data On Facebook

January 31st, 2020


Facebook collects tons of data about you and it's not all from Facebook. Other websites and applications send data about you to Facebook. You can now …

Episode 670 - IoT Strikes Again - The UK Takes The First Steps To Securing IoT

January 30th, 2020


Internet of Things is a thorn in my side and I have a running series whenever IoT stories come up I call IoT Strikes Again. This episode talks about a positive twist that is starting to happen that I have been begging …

Episode 669 - OurMine Hijacks NFL Team Twitter Accounts, Prank Style

January 29th, 2020


The Twitter accounts of 16 NFL teams were compromised by the hacking group OurMine. Instead of spreading malicious activity they promoted security awareness. This episode goes through the hack and why it's unique.

Be …

Episode 668 - Zoom Users Should Be Aware Of This Serious Bug

January 28th, 2020


Zoom is a popular conferencing platform that millions use every day. There was a serious security bug found that all users should be aware of. This …

Episode 667 - Never Read Back Any Text Message Codes To Anyone

January 27th, 2020


Scams come in many forms and you don't have to have a financial loss when it comes to identity theft. This episode talks about a scam that goes after your phone number and text messaging.

Thanks to Wizer (

Episode 666 - Tools, Tips and Tricks - WizTree

January 24th, 2020


This week's tools, tips and tricks talks about a lightweight, fast storage analyzer called WizTree.

WizTree Download

Be aware, be safe.

Sign-Up For …

Episode 665 - Proton Technologies Open Sourcing All Client Facing Tools

January 23rd, 2020


Proton Technologies, the maker of ProtonMail, is beginning to make all their client-facing platforms open source. This episode talks about this move …

Episode 664 - Microsoft Exposes 250 Million Records Of Logs

January 22nd, 2020


Cloud misconfigurations can happen to anyone. Microsoft recently had misconfigured databases that exposed 250 million records going back 14 years. This episode talks about what happened.

Be aware, be safe.

Sign-Up For …

Episode 663 - Mozilla Lays Off Employees As It Figured Out The Future

January 21st, 2020


Mozilla, the maker of the Firefox browser, recently had layoffs. This episode talks about this move, why they did it and what the future means for Mozilla.

Be aware, be safe.

Sign-Up For FREE security awareness training …

Episode 662 - Tools, Tips and Tricks - Pi-Hole

January 17th, 2020


This week's tools, tips, and tricks talks about a Raspberry Pi project I put in called Pi-Hole. This episode talks about what it does, how it was …

Episode 661 - Microsoft Rolls Out New Browser, Whether You Want It Or Not

January 16th, 2020


Microsoft rolled out its new Chromium based Edge browser starting this week. This episode talks about how they rolled it out and why they did it that …

Episode 660 - Update Windows 10 Now, Urgent

January 15th, 2020


You should always be updating your Windows OS each month. However, this month you need to make sure your system took the update. There is a serious …

Episode 659 - TikTok Riddled With Security Problems

January 14th, 2020


TikTok is one of the most popular apps in the world and one that has the most privacy issues. Now researchers have found serious security …

Episode 658 - Security Tips For Returning College Students

January 13th, 2020


College students are returning to class after winter break and now is a good time to clean up and strengthen their security posture. This episode …

Episode 657 - Tools, Tips and Tricks - Tips To Make Office 365 MFA Better

January 10th, 2020


This week's tools, tips, and tricks episode talks about tips to help make your Office 365 setup more secure and effective.

Source article.

Be aware, …

Episode 656 - Ring And Amazon Sued Over Hacking

January 9th, 2020


A class action lawsuit has been filed against Amazon and Ring over the recent doorbell hacks. This episode talks about this and what side I am supporting, the answer may surprise you.

Be aware, be safe.

Sign-Up For FREE …

Episode 655 - Celebrity Twitter Accounts Hacked, A Reminder To Review Your Settings

January 8th, 2020


Over the last two weeks, a couple of big celebrities had their Twitter accounts hacked. This episode talks about how you can use these stories as a …

Episode 654 - Firefox 72 Will Allow Users To Delete Telemetry Data

January 7th, 2020


Mozilla announced that Firefox 72, releasing the week of 1/13/2020, will allow users to delete the telemetry data the browser collects. This episode …

Episode 653 - A Big Security Risk For The Next 12 Months For Your Paper Signatures

January 6th, 2020


We still hand-sign documents and date them. This episode talks about a unique but potential dangerous risk to your signatures that only will be a problem for the next 12 months.

Be aware, be safe.

Sign-Up For FREE …

Epsiode 652 - Tools, Tips and Tricks -

January 3rd, 2020


This week's tools, tips, and tricks talk about a search engine for all the app developers out there. is a search engine for source …

Episode 651 - Tech Predictions for 2020

January 2nd, 2020


The first episode of 2020 and I am going to give 5 predictions I think will happen in 2020. This is something I do every year over on my blog and then recap a year later to see who I did.


Episode 650 - Tools, Tips and Tricks - Be Careful Of The Trash You Leave Out In The Open

December 27th, 2019


After you receive your new gifts you need to dispose of the boxes they came in. It's easy to leave them out for your waste management service to get them but you may be exposing more than you want. This episode talks …

Episode 649 - Update Those New Devices Before Using Them

December 26th, 2019


This gift-giving season you may have given or received a new technology device. This episode talks about the importance of applying any and all new …

Epiosde 648 - Tools, Tips and Tricks - Verify Your Automatic Updates Are Working

December 20th, 2019


This week's tools, tips, and tricks talk about a tip on software updates. This episode gives you details and why it's important to check over your …

Epiosde 647 - Facebook Just As Susceptible to Employee Errors As You

December 19th, 2019


Facebook suffered a loss of internal employee payroll data. The cause shows how they can suffer from the same internal breakdowns as you. This …

Episode 646 - The Most Popular Business Phishing Email Types

December 18th, 2019


This time of year phishing attacks increase. This episode talks about the most common types against businesses.

Be aware, be safe.

Sign-Up For FREE security awareness training here.

Become A Patron! Patreon Page

*** …

Episode 645 - Ring Camera Hacked, But Because Of Poor User Password Practices

December 17th, 2019


A news story was popular this past week about a Ring security camera in a girl's room getting hacked. However, this episode talks about where the …

Episode 644 - Another Example Of Cloud Security And Supply Chain Accountability

December 16th, 2019


This episode talks about two security topics to learn from one incident. The first is another case of misconfigured cloud services and the other is to not forget about your 3rd party compliance checks.

Be aware, be safe.

Episode 643 - Tools, Tips and Tricks - Spread Your Security Knowledge This Holiday Season

December 13th, 2019


This week's Tools, Tips and Tricks is a tip for all of you. Spread your security knowledge during this time of gift-giving, new technology being …

Episode 642 - Survey Shows How Bad Password Practices By People Are

December 12th, 2019


Passwords are a weakness in authentication when people are creating them. This episode talks about a survey and how bas individual password practices …

Episode 641 - Amazon Releases Tool To Battle Leaky S3 Buckets

December 11th, 2019


Amazon AWS has announced a tool that will help detect and alert users if their S3 bucket is exposed to the public. This episode talks about the tool …

Episode 640 - IoT Strikes Again - Jan 14 2020 Doomsday For Health Devices

December 10th, 2019


Internet of Things Strikes Again! This time Jan. 14, 2020 will be a big problem date for health care IoT devices. This episode tells you why.

Be aware, be safe.

Sign-Up For FREE security awareness training here.

Become …

Episode 639 - Security In Five Holiday Bonus Content Coming

December 9th, 2019


The year is coming to a close and it's a good time to think about your security hygiene. I will be making infographic type guides to provide tips and tricks you can do to strengthen your security posture.

The first one …

Episode 638 - Tools, Tips and Tricks - Flan Scan

December 6th, 2019


This week's tools, tips, and tricks talk about a new free tool from Cloudflare called Flan Scan. Flan Scan is a lightweight security vulnerability …

Episode 637 - IoT Strikes Again - Kids Smartwatch Leaking Personal Data

December 6th, 2019


Internet of Things strikes again! This time a kid's smartwatch was found to be leaking kid's personal data. This episode talks about this and the overall caution during the gift-giving season for devices with …

Episode 636 - A Story On Why Vulnerability Risk Management Is Not A One Time Task

December 4th, 2019


Vulnerability management the process to scan and review for all vulnerabilities in an environment. This should be a continuous and repeated process. …

Episode 635 - Amazon Looking To Use AI Facial Recognition On Your Ring Doorbell

December 3rd, 2019


Amazon Ring doorbells are a very popular and cheap home security device. High-quality videos capturing whoever approaches your home. Now Amazon is …

Episode 634 - Another Unsecured Database In The Cloud Exposes Millions Of Records

December 2nd, 2019


Another unsecured database in a cloud service left wide open and exposed millions of people's data. This episode talks about this lack of security and how it puts users at risk but also the business itself from the data …

Episode 633 - Most Companies Do Not Manage 3rd Party Risk Efficiently

November 27th, 2019


In today's complex business systems it's hard to not have 3rd party components used within your environment. Whether it's an open source module or a …

Episode 632 - DuckDuckGo Expands Automatic Encrypting Websites For You

November 26th, 2019


Browsing the Internet securely is very important. Making sure websites are using HTTPS yourself is not something anyone can do reliably. This episode talks about a new feature DuckDuckGo released to help users always …

Epiosde 631 - Disney+ Accounts Weren't Hacked, Password Reuse Is To Blame

November 25th, 2019


Disney+ launched recently and shortly after news appeared that accounts were for sale. This was accurate however it wasn't because Disney+ was hacked and breached. This episode explains what happened.

Be aware, be safe.

Episode 630 - Tools, Tips and Tricks - Stop Printing Your Airplane Boarding Passes

November 22nd, 2019


The air travel season is upon us and this week's tools, tips, and tricks talks about why you should stop printing your boarding passes.

Be aware, be …

Episode 629 - Streaming Services Are Driving Up Torrent Use, That's Bad For Your Security

November 21st, 2019


Video streaming services are popping up all over the place and that is becoming a security risk to your home network. This episode talks about why video streaming services will drive up torrenting and how that can bring …

Episode 628 - Another Government Agency Got Hit With Ransomware, Only They Were Ready

November 20th, 2019


It's another day and another story about a state government getting hit with ransomware. However, this time it's different, the Louisiana government offices were ready with a plan. This episode talks about what they did …

Episode 627 - What Is Dark Web Identity Scanning

November 19th, 2019


Identity theft protection services are increasing their marketing about Dark web scanning. What is the Dark Web and how does this scanning really …

Episode 626 - Be Careful Trusting Service Centers With Your Phone, A Story

November 18th, 2019


Your phone is the center of your digital and personal information world. It's the gateway to your social, financial and personal life. This episode talks about a story where a service employee abused access to a …

Episode 625 - Tools, Tips and Tricks - Free Tools From McAfee

November 15th, 2019


This week's tools tips and tricks episode talks about free anti-malware tools from McAfee.

Tool Download Page -

Episode 624 - Not Encrypting Mobile Devices Led To A $3 Million Fine

November 14th, 2019


This episode talks about a series of breaches from a medical center that ultimately led to a hefty fine.

Be aware, be safe.

Sign-Up For FREE security …

Episode 622 - Hospital Breaches May Be Killing People

November 12th, 2019


This episode talks about a report that found a correlation between breaches at hospitals and mortality rates of patients after a breach. The results …

Episode 621 - BlueKeep Vulnerability Exploit In The Wild, Patch Now

November 11th, 2019


BlueKeep was announced by Microsoft and a patch was made available shortly after. This vulnerability was deemed critical by Microsoft as the exploit …

Episode 620 - If You Have A Hard Drive Connected To Your Router You Must Do This

November 8th, 2019


This week's Tools, Tips and Tricks talks about a big tip you should do if you have any shared storage on your home router. Too often I come across …

Episode 619 - Modern Cybersecurity Is Not Difficult To Obtain For A Small Business

November 7th, 2019


This episode discusses a different viewpoint I have from an article I read that stated cybersecurity is inaccessible to small businesses. I talk about how I feel this is not accurate and security can be obtained by …

Episode 618 - Most Breaches In 2019 Were Due To Lack Of Security Patching

November 6th, 2019


This episode talks about a report from ServiceNow on the reasons for the majority of breaches in 2019.

Be aware, be safe.

Sign-Up For FREE security awareness training here.

Become A Patron! Patreon Page

*** Support the …

Episode 617 - Your Old Wireless Router Is A Prime Target For Hackers

November 5th, 2019


Most of us have routers in our homes that are several years old and are not maintained as well as they should be. This episode talks about why it's …

Episode 616 - A Story On Why Your Company Shouldn't Ignore Physical Threats

November 4th, 2019


Physical threats to your offices are often over-looked or do not have the attention that digital threats do. This episode talks about a story where a man infiltrated two companies and hacked their networks.

Be aware, be …

Episode 615 - Horror Stories Coming To Pateron Site

November 1st, 2019


I have been collecting cybersecurity horror stories from you. I have enough now to begin making episodes with them. If you have a horror story you …

Episode 614 - Trick Or Treating Safety Tips For Your Kids

October 31st, 2019


Halloween night is a time when your kids are off on their own, going door to door in the dark. This episode goes over some safety tips you should …

Episode 613 - Senators Are Pointing Some Blame To AWS In A Major Breach

October 30th, 2019


Senators have written a letter to the FTC to investigate Amazon for their part in the Capital One breach. This episode talks about this letter and why it's not exactly on track to what happened.

Be aware, be safe.

Episode 612 - What Is The Most Effective Phishing Tactic

October 29th, 2019


The Q3 2019 Top-Clicked Phishing Tests Report from KnowBe4 details what phishing emails fool the most people. This episode goes through those and why …

Episode 611 - New Privacy Bill Calling For Jail Time For Executives

October 28th, 2019


A new privacy bill called the Mind Your Own Business Act is trying to be GDPR-like, except this is calling for jail time for executives. This episode talks about this approach and what may happen from this type of fear …

Episode 610 - Tools, Tips and Tricks - ExpressVPN And A Deal For You

October 25th, 2019


This week's Tools, Tips and Tricks is about ExpressVPN. I am asked often what I use and generally avoid pointing to one or another.  With the recent …

Episode 609 - Security Awareness Starts With Your Leaders

October 24th, 2019


Security awareness programs can be seen as important by company leaders but most do not realize how important a role they can play. Through a …

Episode 608 - Interesting Story About Police Encrypting Radio Traffic

October 23rd, 2019


Security topics are all around us. This epsiode talks about an interesting take when police departments move to encrypted radios.

Be aware, be safe.

Episode 607 - Your Security Program Needs To Be Open To All Employees

October 22nd, 2019


Security programs rely on every employee more than you realize. In order for the security program to be everywhere the employees need to be the eyes and ears when security cannot. This episode talks about how it's …

Episode 606 - Employee Education Investment Is Worth It

October 21st, 2019


Educating employees on security is worth the investment. This investment is not just financial but time, effort and participation from all employees. This episode talks about how this is a worthy investment and the …

Episode 605 - Tools, Tips and Tricks - Grasshopper

October 18th, 2019


Eventually your small business will grow and you will need a professional voice phone system. Grasshopper is a virtualized phone system that can get you up and running quickly from any device you have, not tied to a …

Episode 604 - Employees Are Your Best Line Of Defense

October 17th, 2019


October is Security Awareness Month and this epsiode talks about your security program's best line of defense, your employees.

Be aware, be safe.

Sign-Up For FREE security awareness training here.

Become A Patron!

Episode 603 - Microsoft and NIST Partnering On A Patching Guide

October 16th, 2019


Microsoft and The US National Institute of Standards and Technology (NIST) are partnering together on a new guide for Enterprise Patching Practices. …

Epiosde 602 - IoT Strikes Again - How To Tell Google Home To Stop Remembering Everything

October 15th, 2019


IoT Strikes again. This is a reminder that Google Home devices through Google Assistant will remember everything about you unless you review, purge or stop it altogether. This epsiode goes through the steps to do.

Episode 601 - IoT Strikes Again - D-Link Home Routers Won't Be Fixed

October 14th, 2019


IoT Strikes Again! This episode is about the risks of relying on vendors to do the right thing with their products. A serious vulnerability has been …

Episode 600 - Tools, Tips and Tricks -

October 11th, 2019


Episode 600! WHOA!

Thie week's Tools, Tips and Tricks is around Internet of Things Strikes Again, only this site helps you know what devices are …

Episode 599 - No Matter Your Size, Cybersecurity Matters To Your Business

October 10th, 2019


Cybersecurity awareness in your business is a critical component no matter your business side. This epsiode talk about how everyone is a target. 

Be aware, be safe.

Sign-Up For FREE security awareness training here.

Episode 598 - Cybersecurity Awareness Should Not Be Cost Prohibitive

October 9th, 2019


Security Awareness is the first, best defense againt email attacks like phishing, ransomware and account theft. Email attacks are the most prominent form currently and every person on a computer connected to email and …

Episode 597 - The Internet Gets A Little More Secure At HTTP v3 Rolls Out

October 8th, 2019


The iteration of HTTP, version 3, is beginning to be rolled out by CloudFlare. Chrome and Firefox are also beginning to support it. This epsiode …

Episode 596 - Ex-Yahoo Employee Admits To Abusing Internal Access To Hack Accounts

October 7th, 2019


Internal employees with the access cannot be ignored when it comes to risk assessments. You may trust the individuals but not everyone is trustworthy all the time. This episode talks about this internal abuse of access …

Episode 595 - Tools, Tips and Tricks - Facebook Container By Mozilla

October 4th, 2019


This week's tools, tips and tricks talks about another great security tool from Mozilla in their Firefox browser. The Facebook Container is a must …

Episode 594 - Identity Management, Access Creep Through Role Changes Is A Big Problem

October 3rd, 2019


Identity and access management can be considered the cornerstone of all security. If you build something, someone or something probably needs access to use it. This episode talks about access creep and why it's still a …

Episode 593 - The Top VPN Services With Strict No Logging Policies

October 2nd, 2019


Using a Virtual Private Network (VPN) is one of the best and easiest security protection you can do. This epsiode talks about the top VPNB services …

Episode 592 - Microsoft Adds More Blocked File Extensions In Outlook Web

October 1st, 2019


Microsoft continues to push security improvements down to the users. In the web version of Outlook (OWA) Microsoft added 38 more extensions that will be prevented from being downloaded. This episode talks about the …

Episode 591 - If Your Own Any iPhone You Need To Hear About This Exploit

September 30th, 2019


Most exploits on devices are software based, they can be fixed and patched by the manufacturer. Occasionally there are exploits that are hardware based, especially at the core processor that cannot be patched through …

Epiosde 590 - Podcast Awards This Sunday

September 27th, 2019


Security In Five was nominated for a People's Choice Podcast award in the Technology category. The award ceremony is this Sunday September 29th at …

Episode 589 - In iOS13 Why Do Apps Want To Access My Bluetooth

September 26th, 2019


iOS 13.1 added some great new features including more transparency on what your apps are doing and accessing. This episode talks about the Bluetooth …

Episode 588 - Read Breach Reports Regularly To Learn Where Others Goofed

September 25th, 2019


Breaches happen all the time. Although they are incidents with other companies you as a security professional can learn from them. This epsiode talks about why it's important to look into the published breaches and …

Episode 587 - Wasting Scammers Time

September 24th, 2019


Scammers are all over the Internet trying to rip you off, steal your data and destroy your life. This episode talks about what I do to learn these scams to help educate others about them.

Be aware, be safe.

Sign-Up For …

Episode 586 - Security Terms Application Developers Should Know

September 23rd, 2019


Application developers are masters of their craft. Writing code also requires knowledge of security concepts and methods. This epsiode talks about …

Episode 585 - New Partnership With Wizer Training, FREE Security Awareness Training For You

September 20th, 2019


Security Awareness training is an important aspect to a security program. Knowledge is everything and the worst thing to have is access to that be cost prohibive. Not today.

This episode talks about my new partership …

Episode 584 - You Need To Make Sure Your LastPass Browser PlugIn Is Up To Date NOW

September 19th, 2019


This episode is a high urgent notice that if you use the LastPass browser plug-in to make sure it's updated. Listen for the details.

Be aware, be safe.

Become A Patron! Patreon Page

*** Support the podcast with a cup of …

Episode 583 - New Ruling On Website Data Collection Impacts Your Privacy, Sort of

September 18th, 2019


What is hacking when it comes to collecting data? According to two court rulings if it's publicly avaialble it's free game. This epsiode talks about …

Episode 582 - The CIS Controls You Should Implement First

September 17th, 2019


The CIS Top 20 is the defacto standard to build an effective security program. This epsiode talks about the controls you should implement first.

Episode 581 - What To Do Before Your Trade In Your Old Phones

September 16th, 2019


The new iPhones are coming out and trade-in deals are a big thing with dealers. This epsiodetalks about things you should do before you hand you old …

Episode 580 - Tools, Tips and Tricks - Securing Your Browser

September 13th, 2019


This week's Tools, Tips and Tricks goes through several tips to help you secure your browser, no matter which one you use.

Be aware, be safe.

Become …

Episode 579 - A Cybersecurity Firm Announces A Breach, No One Is Immune

September 12th, 2019


A large, prominent cybersecurity firm suffered a breach of their cloud services. This epsiode talks about the details of the breach and what you need to remember when using cloud services. 

Be aware, be safe.

Become A …

Episode 578 - Fortnite Ransomware Warning To Gamers And Parents

September 11th, 2019


This is an episode that should be shared with young gamers and parents of gamers. I talk about a new and dangerous ransomware attack targeting …

Episode 577 - Deepfake CEO Voice Scam

September 10th, 2019


Social engineering takes many forms. Now we have to worry about being tricked out by our voices. This epsiode talks about a new type of attack using the deefake methods.

Be aware, be safe.

Become A Patron! Patreon Page

Epsiode 576 - US Rejects Ransomware Ransom Payout, Here Is What They Did Instead

September 9th, 2019


Another small city government got hit with ransomware and had some of their systems encrypted. This epsiode talks about this story but what the city …

Episode 575 - Interview Episode - Tanya Janca, Woman Hacker Of The Year 2019

September 6th, 2019


This episode is an interview with a cybersecurity professional, Tanya Janca, recent recipient of the Woman Hacker Of The Year award for 2019. We discuss her career, the award and her other activies in the cybersecurity …

Episode 574 - How Did The CEO Of Twitter Get His Account Hacked

September 5th, 2019


The CEO Of Twitter is not immune from getting hacked. The episode talks about how the CEO of Twitter had his Twitter account hacked. 

Be aware, be safe.

Become A Patron! Patreon Page

*** Support the podcast with a cup …

Episode 573 - Facebook Tweaks Facial Recognition Default Settings, Here's How To Turn It Off

September 5th, 2019


Facebook rolled out a facial recognition feature to all users worldwide but tweaked it to not be enabled by default. This opt-out came from lawsuits …

Episode 572 - Firefox 69 Is Out And Blocks 3rd Party Trackers By Default, Upgrade

September 4th, 2019


Firefox version 69 was releases and continues to put user's privacy first. This epsiode talks about the new features that are enabled by default and …

Episode 571 - Microsoft Goes All In With Multi-Factor Authentication And Urges Everyone To Do It

September 3rd, 2019


Multi-factor authentication is the best, easiest and most widely avaialblesecurity improvement everyone can make. Microsoft now is being more public …

Episode 570 - Tools, Tips and Tricks - 2FA Notifier

September 3rd, 2019


This week's tools, tips and tricks talks about a great browser plugin called 2FA Notifier. It's a fantastic addition to help you enable and identify …

Episode 569 - GitHub Is Stepping Up Their Token Scanning Game To Keep You Safe

September 3rd, 2019


GitHub is the leading open repository for code, files, projects and this opens the door to risks of exposing more than you should. GitHub has been …

Episode 568 - Over A Thrid Of Businesses Suffered A Cloud Security Incident

August 28th, 2019


A survey from OutPost24 revealed that a third of businesses surveyed admitted to a security incident in their cloud service. This episode goes through the other data points in the curvey and talk about cloud security …

Episode 567 - What Is Personally Identifiable Information (PII) Really

August 27th, 2019


We hear the term PII quite a bit. Personally Identifiable Information is at the center of the privacy discussion but what is it? This epsiode talks about the challenges of defining what PII is.

Be aware, be safe.

Become …

Episode 566 - Telephone Scam Recorded, The Highlights And Walkthrough

August 26th, 2019


This is an episode you will want to share with your non-techie friends and family. It's a longer episode but walks through a common telephone scam. I highlight the story, the hook and the scam and give context to how it …

Epiosde 565 - Tools, Tips and Tricks - 10 DevOps Books You Should Read

August 23rd, 2019


This week's tools, tips and tricks talks about DevOps books your should read. Specificaly The Phoenix Project. 


Episode 564 - Local Government Entities In Texas Hit By Coordinated Ransomware Attack

August 22nd, 2019


Local government entities in Texas were hit by a coordinated ransomware attack. This epsiode talks about the attacks and what local and state entities need to start thinking about as this trend will continue. 

Be aware, …

Episode 563 - The First Half Of 2019 Had 4.1 BILLION Records Exposed

August 21st, 2019


The first half of 2019 had 4.1 BILLION records exposed. This epsiode goes through the top 10 breaches thus far and highlights a surprise stat that stands out. 

Source :

Episode 562 - Google Chrome Ending FTP Support Soon

August 20th, 2019


Google continues the push to ensure a more seucre Internet experience across the board. This epsiode talk about Chrome dropping support for FTP and why.

Be aware, be safe.

Become A Patron! Patreon Page

*** Support the …

Episode 561 - Facebook Has People Listening To Your Recordings You Thought Were Private

August 19th, 2019


Artifical Intelligence isn't intelligent from the start. There has to be a human 'training' the machine to know how to identify and learn. The problem is platforms aren't clear on when and what a person is seeing vs. …

Episode 560 - Tools, Tips and Tricks - Git Security Tools

August 16th, 2019


This weeks tools, tips and tricks covers not one but over a thousand tools. These are tools dealing with GIT security in many different areas. This …

Episode 559 - AT&T Employees Were Bribed To Unlock Phones And Install Malware

August 15th, 2019


Insider threats are just as a concern as external threats. The attack vectors inside widespread and this story shows a real problem. This epsiode talks about the case with AT&T employees being bribed to carry out …

Episode 558 - IoT Strike Again - Kids Are Incresingly At Risk

August 14th, 2019


Internet of Things, IoT, is a wild fire of expansion and unfortunately security is not exactly efficient. This epsiode talks about the lack of security consistency and problems with IoT devices and the increasing risks …

Episode 557 - Apple Steps Up Their Bug Bountry Program To $1 Million

August 13th, 2019


Bug bountry programs are where companies offer people outside their organization money to report vulnerabilities found. Apple steps up the game and …

Episode 556 - Regulations Are The Bare Minimum Requirements, Go Above Them

August 12th, 2019


Industry and legal regulations for security are out there to ensure applications are built securely. There is a micsonception that if regulations are …

Episode 555 - Tools, Tips and Tricks - Random.Org

August 9th, 2019


In technology, at some point, you will need something generated or randomized. Thie week's tools, tips and tricks talks about

Episode 554 - 90% Of iPhone Users Vulnerable To iMessage Attack, Update Now

August 8th, 2019


This epsiode talks about a recent Apple iOS patch that you should update to immediately. This episode talks about what the vulnerability is and what …

Episode 553 - Micro-Learning, The New Way To Educate

August 7th, 2019


In July's newsletter I wrote about micro learning and it's growth. This epside goes a little deeper into the micro learning concepts.

Be aware, be …

Episode 552 - 95% Of Problems Found By Penetration Tests Can Be Easily Fixed

August 6th, 2019


Penetration tests are an important aspect of application security but they can be overwhelming. A report came out that claimed, and I agree, that most of identified problems are easily fixed. This episode talks about …

Episode 551 - The Equifax $125 You Were Expecting, Yeah Not So Much

August 5th, 2019


The Equifax claims for $125 for each victim apparently wasn't that way it was advertised. This epsiode goes into the details to why and talks about the slimy nature of these deals and how the victims always lose out. 

Episode 550 - Tools, Tips and Tricks -

August 2nd, 2019


Scammers are everywhere. Calling you on the phone, trying to get you to click on fake pop up ads and through email. This episode talks about one of …

Episode 549 - Online Anonymity Does Not Exist

August 1st, 2019


Anonymous browsing and app use is a hot topic. In reality your anonymity is far harder to acheive than you think. This epsiode goes through the …

Episode 548 - Micro Learning And It's Effectiveness In Security Awareness

July 31st, 2019


The concept of micro-learning is gaining popularity in security awareness programs. This episode talks about what micro-learning it, how I am using …

Episode 547 - Now Capital One Is Breached By Poor Configuration And Patch Management

July 30th, 2019


Another day and another breach that is bigger than the last. This time Capital One is on the block. This epsiodegoes over the breach details as they have been reported at the time of recording this and talks about how …

Episode 546 - Thank You To GenCyber And Claim Your Equifax Settlement Money

July 29th, 2019


Thank you again to Alexandria Technical College and GenCyber for having me speak last week, I had a great time. This epsiode talks about how to claim …

Episode 545 - My Participation At A Gen-Cyber Security Academy Camp

July 26th, 2019


I will be speaking at the GenCyber cybersecurity camp today. This episode talks about what the GenCyber camp is, why I fully support it and what I …

Episode 544 - Thinking About Deleting Former Employers Files, Don’t

July 25th, 2019


This episode talks about the case of an employee that took action against a former employer and what happened. This also is a learning experience around privileged access management and how you can handle actions by …

Episode 543 - A 2019 Tech Prediction Coming True - Forced Multi-Factor At A Bank

July 24th, 2019


Every year over on I do tech and security predictions for the year. Usually I wait until the end of the year to review them but big news popped up and I had to talk about it. This epsiode goes over the …

Episode 542 - iOS AirDrop Prank Evacuates A Plane

July 23rd, 2019


Episode 542 - Apple iOS has a feature that allows you yo quickly send photos between phones called AirDrop. This epsiode talks about an incident where someoen abused AirDrop and caused an airplane to be evacuated. There …

Episode 541 - Website And Podcast Update News

July 22nd, 2019


Updates on the podcast growth and the spin-off of from into their own independent blogs.

Be aware, be safe.

Become A Patron!

Episode 540 - Tools, Tips and Tricks - Wigle

July 19th, 2019


This week's tools, tips and tricks goes over a wifi mapping site called Wigle. This site is very interesting and eye opening to what and how they are …

Episode 539 - Apple Disables The Walkie-Talkie On The Watch For A Vulberability, No One Noticed

July 18th, 2019


Apple disabled the walkie-talkie feature after they were notified of a security vulnerability. This epsiode talk about that act and why Apple's move …

Episode 538 - Facebook Hit With A $5 Billion Fine, It Won't Change Anything

July 17th, 2019


In the wake of the 2011privacy investigation into Facebook, US regulators are recommending a $5 billion fine. The episode put context around that …

Episode 537 - Truly Effective Security Programs Are Business Focused

July 16th, 2019


Cybersecurity is technical in nature but it's really a business problem to solve. This episode how aligning to the business will take your security …

Episode 536 - Microsoft Making Multi-Factor Mandatory On Cloud Service Providers

July 15th, 2019


Most companies use Cloud Service Providers (CSP) when they move to Office365 for many reasons. However, most CSPs will retain high level access to your email and files and not every CSP has they same level of security …

Episode 535 - Tools, Tips and Tricks - OSINT Framework

July 12th, 2019


This week's tools, tips and tricks covers the OSINT Framework. This episode goes over the website, what you can find on it and why you should add …

Episode 534 - Mozilla Is Tagged With 2019 Internet Villian, I Say Congrats

July 11th, 2019


Mozilla was tagged by UK ISPs as 2019's Internet Villain. This epsiode talks about why, why Mozilla should be proud and you as a user should applaud …

Episode 533 - IoT Strikes Again - Turns Out Amazon Is Keep Your Recordings Forever

July 10th, 2019


Amazon Echo devices record your voice and creates transcripts on what you said. After a letter from a US Senator more of the curtain is being pulled …

Episode 532 - IoT Strikes Again - Insecure Devices Need To Be Discarded

July 9th, 2019


Millions of IoT devices from security cameras to baby monitors contain severe security vunlerabilities. Many vendors are not reponding to the reports, patches are not being creates and in some cases the devices cannot …

Episode 531 - Average Breaches Cost Over $4 Million, Are You Ready

July 8th, 2019


A report from Radware and Merrill Lynch details that the cost of a breach in 2019 is over $4.5 million. This episode talks about the report and the areas where the costs are felt the hardest. 

Source Report.

Be aware, …

Episode 530 - Why You Should Not Pay The Ransom From Ransomware

July 5th, 2019


The past few weeks two cities in Florida were hit by ransomware and they eventually paid the ransom. This episode talks about the danger of doing that and what you can do to help prevent damage from a ransomware attack. 

Episode 529 - Have A Happy And Safe 4th Of July Weekend

July 4th, 2019


I wish you all a happy and safe 4th of July weekend.

Be aware, be safe.

Become A Patron! Patreon Page

*** Support the podcast with a cup of coffee …

Episode 528 - Things To Thnk About Before Using A Password Manager

July 3rd, 2019


Passwords managers can provide increased security and management capabilities around your accounts and passwords. This episode talks about a great article I came across about things to think about before using a …

Episode 527 - Minnesota Cop Awarded Half Million After Colleagues Looked Up Her Data

July 2nd, 2019


Here's another story about abuse of access. This epsiode talks about this case and what the State of Minnesota is doing to enable the citizens to protect their data stored on state systems. 

Be aware, be safe.

Become A …

Episode 526 - Podcast Awards Nominations Are Open - Vote For The Show

July 1st, 2019


This epsiode is asking for all the listener's help. Security In Five is in the running for an awards in the 14th Annual People's Choice Podcast Awards and I need your vote! This epsiode talks about the awards nomination …

Episode 525 - Tools, Tips and Tricks - Parents Tips For Video Gamers - A Video

June 28th, 2019


Parent of young video gamers need to be aware of the threats on those games and how to protect their accounts and potentially your financial data …

Episode 524 - When Building A Vulnerability Assessment Program, Include Everything

June 27th, 2019


Vulnerability scanning and management is a vital aspect to a security program. However, too often I see the bigger picture missed based on the …

Episode 523 - Breach Clarity Website Makes Breaches Easily Understandable

June 26th, 2019

4:49 is a website I came across that I found to be very useful in understanding the risks and victim impact's from breaches. This …

Episode 522 - Don't Forget To Secure Your Logs

June 25th, 2019


When we talk about breaches and data protection we naturally focus on the business data. User records, financial transactions, etc... security logs are easily forgotten about over time. The epsiode talks about a breach …

Episode 521 - All It Takes Is One Record Breached To Destroy Your Business

June 24th, 2019


Breaches happen all the time unfortunately but the damages and fines are not related to the amount of data lost. This episode goes over a hospital …

Episode 520 - Tools, Tips and Tricks - Microsoft VSCode

June 21st, 2019


This week's tools, tips and tricks talks about Microsoft VSCode. Whether you are a developer or have played around writing scripts, in cybersecurity …

Episode 519 - Mozilla Looking To Make A Premium Version Of Firefox Browser

June 20th, 2019


Mozilla continues it's push to be the best security and privacy centric internet company. News has come out that Mozilla is working on a premium version of the Firefox browser. This episode talks about the details and …

Episode 518 - Evite Was Breached, Here Are Two Takeways To Learn From

June 19th, 2019


Evite, the popular invitation social website, admitted to a breach recently. This episode goes through the details and give two takeways to learn …

Episode 517 - Breaches Have Consequences

June 18th, 2019


Breaches are more devastating than you realize and the costs go beyond dollars and cents. This epsiode talks about a company that was the cause of …

Episode 516 - Listener Episode - InfoSec Work Life Balance

June 17th, 2019


This episode camne from a listener question about infosec work life balance. I speak about my experience and the landscape of different avenues in cybersecurity and what is on-call, what is not and how to navigate it. 

Episode 515 - Security In Five Patreon Site Is Live

June 14th, 2019


After two years Security In Five is ready to expand and grow into new expanding content and media to help spread the security awareness word. A patreonsite has been launched to help support this expansion. This episode …

Episode 514 - Avoid Those Free USB Charging Hubs

June 13th, 2019


As you travel around you may come across free charging stations for your mobile devices, USB cables ready to go. This episode talks about why you …

Episode 513 - The Dumbest Reason For A Breach You Will See Today

June 12th, 2019


Breaches happen all the time for all different kinds of reasons. This epsiode talk about a breach in Canada with the dumbest reason I have seen. 


Be aware, be safe.

Become A Patron! Pateron Page

*** Support the …

Episode 512 - Google Is Making It Easy For You To Dump Chrome

June 11th, 2019


Google Chrome is a good browser but you are paying for it with your data which in turn delivers ads. There are ad blockers that limit this annoyance but Google is looking to reduce the ad blocker's ability to block ads. …

Episode 511 - Two Year Anniversary Episode - How I Started The Podcast

June 10th, 2019


Two years ago I released Epsiode 1 of Security In Five. Here we are two years later and 500+ episodes recorded. This epsiodeis a big thank you to everyone that takes their time to listen and I talk about how I started …

Episode 510 - Tools, Tips and Tricks - Firefox Lockwise

June 7th, 2019


This week's tools, tips and tricks talks about another new security offering from Mozilla, the maker of Firefox. The app is called Firefox Lockwise …

Episode 509 - New Survey Shows Workers Will Sell Your Data For The Right Price

June 6th, 2019


When you talk about cybersecurity protections most will focus to the external threats, the Internet, the cyberattackers and malicious bots. What you also need to worry about are those on the inside. Roughly 30% of …

Episode 508 - Poor Configurations Has Leaked 2.3 BILLION Records In The Past Year

June 5th, 2019


There's a reason in the OWASP Top 10, the number 5 spot is Security Misconfigurations. This epsiode talks about breaches that have occurred due to impromper security configurations and leaving data wide open. 

Be aware, …

Episode 507 - A Huge Breach Of Security Logs Shows Us How Important Securing Them Is

June 4th, 2019


Every platform and applicaiton record the activity of the system, users and data access. We call these logs. Security logs are a subset that contain sensitive information about the backend details of the components, …

Episode 506 - You Can Now Tell Amazon Alexa To Forget What You Said

June 3rd, 2019


Amazon has come under fire for their practices on recording and potentially listening to your Echo devices recordings. Over the next few weeks you will be able to tell your Amazon devices to forget what it heard over …

Episode 504 - Tools, Tips and Tricks - Gmail Filtering And Address Manipulation Tricks

May 31st, 2019


This week's tools, tips and tricks epsiode are two tricks to help keep your Gmail spam, undercontrol.

Gmail Filters.

Be aware, be safe.

*** Support …

Episode 503 - GitHub Releases Several Security Tools To Help Developers

May 30th, 2019


GitHub is continuing to expand their security offerings to help developers create the most secreapplications possible.  This episode talks about the …

Epsiode 502 - Encryption Is Usually Deployed Improperly

May 29th, 2019


Encryption is a powerful and effective solution to protecting your data and recources. However, it is a complicated implementation and a recent …

Episode 501 - IoT Strikes Again - 90% Of IoT Devices Are Unencrypted

May 28th, 2019


IoT Strikes Again and a recent report from Zscaler support it. The research shows that 90% of IoT devices communicate using unencrypted methods. This episode goes through the details of the report. 

Zscaler Report.

Be …

Episode 500 - Thank You Episode

May 24th, 2019


THANK YOU! 500 epsiodes in the can! Wow!

This is a big thank you to all of you and I announce the next phase of Security In Five and what's coming soon.

Be aware, be safe.

*** Support the podcast with a cup of coffee …

Episode 499 - Cloud Service Security Is Still Your Responsibility

May 23rd, 2019


Cloud services are the direction many companies and indivudals are taking for their applications and data. Recent breaches have highlighted that there are security concerns you as a user need to be aware of. This …

Episode 498 - Benefits Of Using A Personal VPN

May 22nd, 2019


VPN use provides additional security and privacy for your personal Internet use. This epsiode talks about other benefits you can get from using a VPN.

Be aware, be safe.

*** Support the podcast with a cup of coffee *** …

Episode 497 - Work On Expanding These Skills In Your Cybersecurity Career

May 21st, 2019


The cybersecurity profession requires a very technical set of skills. However technical skills are not the only ones employers are looking for. This epsiodetalks about the soft skills that are being sought after in …

Episode 496 - The Most Dangerous Email Attachment Types

May 20th, 2019


Email is still the number one communication method used today. People also use it primarily to send files and forth. Even though you may know and …

Epsiode 495 - Tools, Tips and Tricks - Mozilla Observatory

May 17th, 2019


This week's tools, tips and tricks is about Mozilla Obersvatory. This is a web scanner meant to help developers and security professionals fix and …

Epsiode 494 - Why Forcing Password Resets Makes You Less Secure

May 16th, 2019


This epsiode is a continuation on the death of the password. I talk about how forcing resets actually can make you less secure and what the future may bring for authenticaiton for everyone.

Be aware, be safe.

*** …

Episode 493 - Git Repositories Held For Ransom, What Can We Learn From This

May 15th, 2019


The latest ransom attacks are taking over Git repositories and holding source code hostage. This epsiode goes into the details on how this is …

Episode 492 - If It Sounds Too Good To Be True On The Internet, It Is

May 14th, 2019


If it sounds too good to be true on the Internet, it is. Scammers are preying on the success of a major movie promising downloads but in reality they …

Episode 491 - Example Of Why 3rd Party Component Security Is Important, Jenkins Plug-ins

May 13th, 2019


Open source communities have made application development faster than ever before. However there is a downside when it comes to security, you need to stay on top of all your components. The episode talks about a …

Epsiode 490 - Tools, Tips and Tricks - Security Recruiter Directory

May 10th, 2019


If you are looking for your next CISO or the hard to find security engineer this episode will be for you. CSOOnline puslished a Security Recruiter Directory to help recruiters, security leaders and job seekers get …

Episode 489 - Common Reasons Companies Get Breached

May 9th, 2019


Companies get breached all the time and the reasons are more simple than you think. This episode talks about the common reasons companies get breached and what you can do to avoid the same mistakes.

Be aware, be safe.

Episode 488 - A Word Of Caution Around Selling Old IT Equipment

May 8th, 2019


If you decide to sell or even participate in a recycling program it's important to make sure you properly delete all your data first. This epsiode goes into the details on the proper way to erase your harddrives and …

Episode 487 - Do Not Forget About Your Open Source Compoents In Your Development Cycles

May 7th, 2019


Application development has become more open and flexible through the use of open source components. However most aren't managing those components properly and are introducing security risks into the applicaitons. This …

Episode 486 - The Different Types Of Malware

May 6th, 2019


The word malware is used very broadly for any type of malicious software. This episode breaks down malware and talks about the different types you can come across.

Be aware, be safe.

*** Support the podcast with a cup …

Episode 485 - Tools, Tips and Tricks - DuckDuckGo Privacy Essentials

May 3rd, 2019


This week's tools, tips and tricks epsiode is about an extension from DuckDuckGo. I have talked about DuckDuckGo in previous episodes. This epsiode …

Episode 484 - Microsoft Finally Agrees This Password Practice Is Worthless

May 2nd, 2019


Microsoft announced that they are behind ditching a password practice the rest of the security world has been against for 10 years. This episode talks about what that practice is and why it can make your company less …

Episode 483 - The Riskiest Places To Use Your Debit Card

May 1st, 2019


Using a card for either debit or credit purposes is always risky. The nature of the cards make them insecure and there are those that deploy skimmers …

Episode 482 - Cybersecurity Skills That Are In Demand

April 30th, 2019


Cybersecurity is a broad industry with many sub-area of expertise. This epsiode talks about the skills that are in highest demand and potential growth areas for everyone. 

Be aware, be safe.

*** Support the podcast with …

Episode 481 - How To Stay Fresh With Your Cybersecurity Knowledge

April 29th, 2019


Cybersecurity is all about knowledge. The real challenge is how to stay in the loop and on top of everything that's going on. This epsiode I talk about ways to keep your skills and knowledge fresh. 

Be aware, be safe.

Episode 480 - Tools, Tips and Tricks - Spring Clean Your Windows by Taproot Security

April 26th, 2019


This week's tools, tips and tricks talks about spring cleaning your Windows PC. The list comes from Taproot Security. This epsiodegoes through the …

Episode 479 - What To Do If Your Identity Is Stolen

April 25th, 2019


Identity Theft is an awful experience to go through. This epsiode talks about the steps you should take if your identity and financial accounts are …

Episode 478 - Why DevSecOps Program Fail To Get Anywhere

April 24th, 2019


DevOps, or DevSecOps, is the latest buzzword driving businesses to try it. This episode talks about the reasons why a DevSecOps program doesn't get off the ground.

Be aware, be safe.

*** Support the podcast with a cup …

Episode 477 - Amazon Employees Are Listening To Your Alexa Recordings

April 23rd, 2019


A report came out that confirmed that Amazon employees have been listening to your Alexa recordings more frequently than recently admitted to. This episode goes into the details and gives some thoughts around these …

Episode 476 - Serverless And Container Deployments, What Are They

April 22nd, 2019


If you are working in or looking to develop applicaitons for the cloud you probably have heard about serverless and containter deployments. This epsiode talks about the similarities and differences for managing and …

Episode 475 - Tools, Tips and Tricks - DevSecOps - OWASP Threat Dragon

April 19th, 2019


This week's tools, tips and tricks talks about the threat modeling tool from OWASP called Threat Dragon.

OWASP Threat Dragon Project Page

Threat …

Episode 474 - DevSecOps - Security End To End Is Possbile If You Do This

April 18th, 2019


Building security into a DevSecOps program is not easy, but it is possible. This epsiodegoes over the things you need to do in order to call yourself a DevSecOps program. 

Be aware, be safe.

*** Support the podcast with …

Episode 473 - DevSecOps - Security Professional Have To Evolve To Succeed

April 17th, 2019


DevSecOps changes in an organization tends to focus on getting everyone adjusted to security. Security professional also have significant growth …

Episode 472 - DevSecOps - Shifitng Security Left

April 16th, 2019


DevSecOps has security built into it but you cannot acheive that with the traditional way of doing things, at the end. Security needs to move left in the process, earlier and as often as you can. This epsiode goes into …

Episode 471 - DevSecOps - Writing Security User Stories

April 15th, 2019


DevSecOps is driven, usually, by an agile process. The user stories are what drives the development and in the current SAFE moethodology it's …

Episode 470 - Tools, Tips and Tricks - Shields Up

April 12th, 2019


This week's tools, tips and tricks talks about one of my favorite security sites Specifically the ShieldsUp! service. This epsiode talks …

Episode 469 - What Is A Honeypot

April 11th, 2019


In information security you may have the term honeypot. They are important tools and technique in the defense of a network or application. This …

Episode 468 - What Is The Difference Between Passive And Active Monitoring

April 10th, 2019

When you are talking about security scanning a network there are two words that you will hear. Passive and Active. This epsiode explains the two. Be a

Episode 467 - Facebook Had The Gall To Ask Users For Their Private Email Passwords

April 9th, 2019


Facebook was discovered to be asking new users for the passwords to their personal email accounts for 'verification' purposes. Not only is this a …

Episode 466 - Facebook Data Leaked Through Poor Cloud Configuration

April 8th, 2019


Faceboookis back in the news for data and privacy failures. This time a partner left a cloud bucket open to the internet exposing 540 million user …

Episode 465 - Tools, Tips and Tricks - Commando VM

April 5th, 2019


This week's tools, tips and tricks talks about FireEye's new Commando VM. The first Windows based penetration testing platform. This episode goes …

Episode 464 - Part 3 - Differences Between Vulnerability, Penetration and Attack Testing

April 4th, 2019


Part 3 of the 3 part mini-series talking about the differences between vulnerability, penetration and simulated attack testing. This episode talks …

Episode 463 - Part 2 - Differences Between Vulnerability, Penetration and Attack Testing

April 3rd, 2019


Part 2 of the 3 part mini-series talking about the differences between vulnerability, penetration and attack testing. This episode talks about …

Episode 462 - Part 1 - Differences Between Vulnerability, Penetration and Attack Testing

April 2nd, 2019


Part 1 of a 3 part mini-series talking about the difference between vulnerability scanning, pen testing and simulated attack. This epsiode starts …

Episode 461 - Office Depot Pays 35 Million Dollar Fine For Tricking Customers

April 1st, 2019


Office Depot and got hit with a $35 million dollar penatly. Why? They were tricking customers to get computer services from bogus …

Episode 460 - Tools, Tips and Tricks - AbuseIPDB

March 29th, 2019


This week's tools, tips and tricks episode talks about AbuseIPDB. This website is a great lookup reference tool to identify and confirm rouge IP …

Episode 459 - IoT Strikes Again - IoT Cybersecurity Improvement Act Of 2019

March 28th, 2019


IoT strikes again, only this time it's a positive message. The US Congress proposed legislation to begin to define and require security standards for IoT devices used in the government. NIST will drive the effort and …

Episode 458 - Things To Consider Before Moving To The Cloud

March 27th, 2019


Moving to the cloud is a growing strategy for many businesses. It's important to undertstand that security is not   full guaranteed by the cloud …

Episode 457 - Why You Need To Update Regularly, Microsoft Dominates 2018 Most Exploited List

March 26th, 2019


A report from Recorded Future showed that in 2018 the top 10 most exploited vulnerabilties were from Microsoft. This episode talks about this report …

Episode 456 - MySpace Lost 12 Years Of Files, A Caution Of Cloud Storage Reliance

March 25th, 2019


MySpace, the once dominating social network on the Internet, confessed to a big goof. This epsiodetalks about what happened and why you shouldn't …

Episode 455 - Tools, Tips and Tricks - Firefox Send

March 22nd, 2019


Mozilla continues their push to provide services for user's security and privacy protections. Thie tools, tips and tricks episode talks about Firefox …

Episode 454 - Many Security Apps In The Google Play Store Are Junk, Be Wary

March 21st, 2019


A recent study of security apps from the Google App store showed many are worthless. This episode talks about the report and tips one which ones you …

Episode 453 - If You Are Not Using A Password Manager Here Are Some Free Ones

March 20th, 2019


A password vault is one of the easiest tools to greatly improve your  security and safety for your accounts and data. Not everyone can or wants to …

Episode 452 - OWASP Application Security Verification Standard

March 19th, 2019


OWASP is far more than the popular Top 10. This epsiode talks about the OWASP Application Security Verification Standard and a listener project that …

Episode 451 - IBM Scraped Millions Of Photos For Facial Recognition Without Permission

March 18th, 2019


Artificial intellegence and machine learning isn't smart out of the box. Like any learning the more data it takes in the smarter it cam be. The …

Episode 450 - Tools, Tips and Tricks - Microsoft Security Compliance Toolkit

March 15th, 2019


This week's tools, tips and tricks talk about the Microsoft Security Compliance Toolkit. If you are a Windows owner, sys admin or interested in …

Episode 449 - Citrix Hack Was Done Through Password Spraying, What Is That

March 14th, 2019


Recently it was reported that Citrix was hacked by a state sponsored cyber criminal group. This hack was pulled off through a method called password …

Episode 448 - Facebook Is Not Allowing An Opt-Out For Phone Number Searches

March 13th, 2019


Facebook once again takes a dip into security but slides in serious privacy violations to do it. This time in their two factor authentication …

Episode 447 - TikTok Hit With A Huge Fine For Collecting Data On Kids

March 12th, 2019


The music sharing app TikTok, formerly, got hit with a huge fine for children data privacy violations. This episode goes over wy they got …

Epiosde 446 - Update Your Chrome Browser Immediately

March 11th, 2019

If you use Google Chrome as your browser you need to update it immediately. This episode goes into the details and the urgency for this update.  Be aw

Episode 445 - Tools, Tips and Tricks - Zenmap

March 8th, 2019


This week's tools, tips and tricks episode talks about the most popular network mapping tool, Nmap. Rather this introduces the GUI version of Nmap, …

Episode 444 - In Your Business You Must Use A Vault For Your Privileged Accounts

March 7th, 2019


In 2018 it was reported that 74% of breaches started with privileged account abuse. If you are any business you should use a vault for your …

Episode 443 - Momo Challenge Is A Hoax, Use It As A Learning Experience

March 6th, 2019


The latest viral hoax is the Momo challenge. This episode is heavily opinionated to these ridiculous hoaxes but spins it on how you as a parent can …

Episode 442 - Facebook Is Releasing A Clear History Feature

March 5th, 2019


Facebook announced that sometime this year they will roll out a 'Clear History' feature for users. This episode talks about what the feature will …

Episode 441 - The Most Common Phishing Attack An Infographic Review

March 4th, 2019


Phishing is the most prevelant attack vector for hackers. This episode goes over the four main types of phishing attacks and talks about them in detail.

BinaryBlogger Post

Source Infographic From Inspired eLearning


Be …

Episode 440 - Tools, Tips and Tricks - HiJackThis

March 1st, 2019


This week's tools, tips and tricks talks about one of my goto Windows utilities I have used for over 10 years, HiJackThis. This epsiodegoes through …

Episode 439 - The 5th Anniversary Of The NIST Cybersecurity Framework

February 28th, 2019


The National Institute of Standards and Technology is celebrating the 5th anniversry of the Cybersecurity framework. This is one fo the best, free, …

Episode 438 - How Social Engineering Works From A Coffee Shop, Do Not Use Your Real Name

February 27th, 2019


This episode is a hypothetical explanation on how the beginning stage of social engineering works. This is to highlight how easy it is to start gathering informaiton about anyone from a simple name and phone number …

Episode 437 - Tips To Avoid Tax Scams

February 26th, 2019

It's tax season and you can't have too many shows helping people avoide tax scams. This is another episode that does just that. Be aware, be safe. ***

Episode 436 - IoT Strikes Again - Google Nest Had A Microphone And Didnt Tell Anyone

February 25th, 2019


IoT Strikes Again! Goolge and their Nest products are in a little bit of hot water recently. Apparently Google released new funtionality for their …

Episode 435 - Tools, Tips and Tricks -

February 22nd, 2019


A common method to post URL links in emails and social sites is to shorten it using an URL shortener service. It's a conveinent way for the poster but dangerous for users as you don't know where those links actualyl go …

Episode 434 - What Is A Purple Team?

February 21st, 2019


In a mature security organization you will have a Red Team and Blue Team. This epsiode talks about the roles of the red and blue teams and also a new …

Episode 433 - What Is Considered PII And Why Is It Important To Protect It

February 20th, 2019


We hear about personally identifiable information (PII) all the time in the security, but what is it? What makes data be considered personal and why …

Episode 432 - How To Delete Your Accounts From Hundreds Of Websites

February 19th, 2019


After the data dump known as Collection 1-5 I have been recommending to go and delete all your unused accounts. This can be a difficult task and …

Episode 431 - Beware Of A Very Convincing Facebook Phishing Page

February 18th, 2019


security, infosec, information, podcast, internet, web, blog, twitter, facebook, privacy, google, apple, itA fresh Facebook phishing page is popping up and it's important that you are aware of it. This attack is one of …

Epiosde 430 - Tools, Tips and Tricks - Google’s Phishing Quiz

February 15th, 2019


Google released a quick and sleek phishing test web page. This shows you sample emails and you simply decide if it's real or a phishing fake. I highly recommend you go through this and send this to everyone you know to …

Episode 429 - Are Contactless Banking Cards A Greater Security Risk

February 14th, 2019


This epsiodecame in from a listener suggestion. The question was around the security risks and concerns with contactless credit and debit cards. This epsiode talks about how contactless and mobile device payments work …

Episode 428 - Do Not Participate In DNA Testing To See Your Heritage, How To Delete Your Data

February 13th, 2019


Voluntarily sending your DNA to a company to be 'tested' is the one of the most unsettling privacy trends today. This episode talks about this …

Episode 427 - Hackers Sharing 2.2 Billion Stolen Credentials, A Reminder On Online Account Security

February 12th, 2019


The hack dump called Collection 1 contained over 700 million records. Now Collection 2-5 have been seen in the wild and have over 2.2 billion …

Episode 426 - Facebook Secretly Paid Users To Use A Data Sucking VPN

February 11th, 2019


Facebook's goal is to collect every little bit of data on you no matter how they can. This episode talks about Facebook secretly paying users to …

Episode 425 - Podcast News and Updates

February 8th, 2019


This show covers some Security In Five podcast news and updates for things to come. From getting the heck out of Facebook to looking to expand Security In Five's offerings. 

Check out the new Reddit channel

Episode 424 - The Importance Of Open Source Management In Development Lifecycles

February 7th, 2019


The current landscape of application development has fully embraced the open source community. It's speeds development, adds functionality instantly …

Episode 423 - Facebook Is Merging WhatsApp, Instagram and Messenger Chats. Time To Move Off All Of Them

February 6th, 2019


Facebook announced they are merging Messenger, Instagram and WhatAppchat under the veil of seasmless chat and 'security'. However Facebook's privacy …

Epsiode 422 - Is That Website Fake? Red Flags To Watch For

February 5th, 2019


Websites can be made to look like anything. Just because it's identical looking to your bank or health care privder doesn't necessarily mean it's the real thing. This epsiode talks about the basic things to review on …

Episode 421 - Things You Can Do To Avoid Mobile Software Bugs

February 4th, 2019


On the heels of Apple's fix for a Facetime bug this isn't the first or the last major bug we will see. This episodes goes over some tips and practices you can do with your mobile device software to avoid bugs like these.

Episode 420 - Tools, Tips and Tricks - Sign Up For HaveIBeenPwned Email Alerts On Your Account

February 1st, 2019


This week's Tools, Tips and Tricks is around the Collection #1 breach. HaveIBeenPwned has an option to sign up you email addresses for breach alerts. …

Episode 419 - It's Tax Season, Tips To Avoid Tax Refund Theft

January 31st, 2019


It's tax time and the ring of thieves increase going after identity theft and tax returns. This episode talks about some things you can to do help prevent this and what to do if this happens to you. 

Be aware, be safe.

Episode 418 - Your Sloppy Desk Could Put Your Company’s Sensitive Data At Risk

January 30th, 2019


Are you a slob? Is your desk a wild mess? Do you keep forgetting to pickup your print jobs? If you handle any sensitive data you are putting your business and yourself at risk. This epsiode talks about the non-technical …

Episode 417 - Firefox Killing Adobe Flash Support In Firefox Release 69

January 29th, 2019


Flash has been a thorn in the sides of securituy professionals for years. Now it's finally reaching the true end of life we need. Firefox is making sure that happens by not supporting Flash in the next major release. If …

Episode 416 - Largest Breached Data Dump Discovered, 770 Million Records, Here’s What We Know

January 28th, 2019


Recently news of a massive data beached shocked the Internet. 700 million accounts and passwords were discovered on the Dark Web. Although this …

Episode 415 - Tools, Tips and Tricks - Virtual Box

January 25th, 2019


This week's Tools, Tips and Tricks talks about the virtualization tool Virtual Box. If you are a developer, tester, hacker, IT engineer or have any …

Episode 414 - Google Play Purges Malicious Apps, Be Cautious What You Install

January 24th, 2019


Google purged malicioius apps from the Goole Play store for pushing illegal, spam ads. This episode talks about this and reminds you not to install …

Episode 413 - WordPress Security Tips

January 23rd, 2019


WordPress is one of the most popular blogging platforms and therefore one of the most targeted by hackers. The ease of getting WordPress running is …

Episode 412 - Top Things Every Programmer Should Know

January 22nd, 2019


This epsiode is for anyone learning to be a programmer or thinking about pivoting in their career to be a devleoper. To often I have seen people focus on the language but miss out on much larger, important concepts to …

Episode 411 - GitHub Offering Unlimited Private Repositories For Free

January 21st, 2019


GitHub is shfiting their services for the better to position itself to be the numnber one repository service on the Internet. Their latest change is huge if you a developer. GitHub now offers unlimited private …

Episode 410 - Tools, Tips And Tricks - Graylog, Open Source SIEM

January 18th, 2019


This week's tools, tips and tricks episode is about an open source Security Information Event Management (SIEM) system. GrayLog can enable your home …

Episode 409 - Google DNS Now Supports DNS Over TLS Security

January 17th, 2019


Did you know Google offers public DNS servers you can use instead of your ISP? Why would you do this? Keep your ISP and others from snooping on what …

Episode 408 - Filter Your Email But Don’t Completely Ignore Your Spam Folder

January 16th, 2019


A good email system and best practice is to use some kind of email filters. However, you shouldn't completely ignore all the messages filtered. This …

Episode 407 - You Have Security Plans, Are You Testing Them? A Success Story For Why You Should

January 15th, 2019


Your security program won't maintain the value and effectiveness unless you test and test regularly. A good test does more that just run through the …

Episode 406 - There Is A Human Element To A Security Profession, Don't Forget That

January 14th, 2019


In IT and security we get wrapped around the technical and process aspects that cuases a fog to blind us from what the data represents. We try to protect and defend but what are we protecting? This episode talks about …

Episode 405 - Tools, Tips and Tricks - Security Tips For Students Back To Class

January 11th, 2019


This week'sTools, Tips and Tricks episode topic was submitted by a listener. I thought he had a valid security concern as a college student and turn …

Episode 404 - Routers With This Feature Enabled Were Hacked To Promote YouTube Stars, Do You Have This On?

January 10th, 2019


Hackers carried out pranks as part of a viral YouTube subscriber challenge. Where most see silly pranks I see exploitation of user's home equipment that can easily be fixed. This episode goes over the lastest hack that …

Episode 403 - Blur Password Manager Had A Breach, The Reason Will Make You Facepalm

January 9th, 2019


Another day, another breach. This time it's Blur Password Manager bu Abine. Only this was a breach of their own making. This episode goes through how this breach happened and how you can make sure you don't make the …

Episode 402 - Minnesota Government Employee Took Data Home, That's A Breach

January 8th, 2019


This story comes from the home state of Minnesota. This one is a common story on where an employee takes data home, puts it on a personal computer to work on. That's a breach. This epsiode goes through why this is a …

Episode 401 - Pritners Were Hacked To Promote YouTube Stars, Are You Vulnerable?

January 7th, 2019


When the Internet turns things 'viral' it can get out of hand. This is what happened in a viral competetion between two YouTube stars fight for subscribers to claim the number 1 spot. A hacker took over 100,000 printers …

Episode 400 - Tools, Tips and Tricks - SecTools.Org - 125 Security Tools

January 4th, 2019


This week's TTT episode talks about a website that has the collection of 125 of the top network security tools availaible. Start your education and …

Epsiode 399 - Talk To Your Kids About Online Video Game Scams

January 3rd, 2019


Over the holiday season you might have a new video game console or game in your home. It's important to make sure your kid's or any players using …

Episode 398 - My Security and Tech Predicitons for 2019

January 2nd, 2019


Happy New Year from the first episode of 2019!

This epsiodegoes over my personal security and technology predictions for 2019. I do this every year …

Episode 397 - Taking The Week Off But A Look Into My Plans For 2019

December 24th, 2018


With the mid-week holiday I am going to take a brief break myself from the podcast. But I am not going anywhere. This episode just talks about the …

Episode 396 - Tools, Tips and Tricks - 5 Beginner Courses To Learn Git And GitHub

December 21st, 2018


If you are a developer or wanting to become a programmer then you should learn about Git. Thie week's tools, tips and tricks episode goes through …

Episode 395 - Apple Now Allows The US To Download Their Data

December 20th, 2018


Apple now allows US residents to download the data that Apple has collected on them. This episode goes through the process to do it and why you …

Episode 394 - Report From US Congress Says Equifax Breach Was Preventable, Duh

December 19th, 2018


Equifax had one of the largest and most damaging breach to date. The amount of people who fell victim and the type of personal data lost will cause issues for years to come. The US House of Representatives released …

Episode 393 - Facebook Data Leak, How To See If You Were A Victim

December 18th, 2018


Facebook had another data leak and this time your photos were at risk of being seen by unauthorized developers. This episode talks about how this happened and a page you can go to to see if your photos were taken. 

Episode 392 - Why You Should Make Strong Passwords

December 17th, 2018


It's the end of the year and you should be resetting all your accounts' passwords. If you are not using an automated vault service that can make and …

Episode 391 - Tools, Tips and Tricks - Gmail Email Address Trick

December 14th, 2018


This week's Tools, Tips and Tricks episode I talk about a great Gmail trick to get you hundreds of unique email addresses from your one account and …

Episode 390 - Tis The Season To Patch All Your Devices

December 13th, 2018


Tis' the season for many things and one of those things should be improving your personal security posture. This episode talks about taking the time …

Episode 389 - Tis The Season For Home IT Inventory

December 12th, 2018


Tis' the season for many things and one of those things is improving your home and personal security posture. This episode talks about taking a home …

Episode 388 - Tis The Season For Gift Card Security Tips

December 11th, 2018


Tis' the season for many things especially security tips around gift cards. There are risks and things you should look out for when purchasing and …

Episode 387 - Tis The Season To Unsubscribe To Emails You Don't Read

December 10th, 2018


Tis' the season of many things and now is as good a time as any to clean up your personal security habits. One big, often overlooked, housekeeping task is emails. Through the year(s) we get on mailing lists and …

Episode 386 - Tools, Tips and Tricks - Holiday Security Tips You Should Consider Now

December 7th, 2018


The holiday season is upon us and this episode gives tips around your online, retail and personal security you should consider during this time of …

Episode 385 - Dell Annouced A Incident And Reset All User Passwords, Why You Should Practice Password Uniqueness

December 6th, 2018


Dell announced a security incident and as a precaution reset every user's password. This episode talks about this incident and how it ties to password practices for your online accounts.


Be aware, be safe.

Don't …

Episode 384 - Phishing Email Subject Lines That Are Red Flags

December 5th, 2018


Phishing is still primary mechanism to deliver malware into an organization. There is an art to breakdown a phishing email. This episode talks about subject lines which is the first aspect you read in an email message …

Episode 383 - Security In Five Podcast News And Updates

December 4th, 2018


This episode talks about the Security In Five podcast and some changes and improvements I am making to the show. This is mainly around the social …

Episode 382 - Listener Q&A - How Do You Deal With Security Anxiety?

December 3rd, 2018


This episode is a new series that I will release as the topics make themselves available and that's on the listeners. I get feedback all the time from listeners and I decided to take these questions and turn them into a …

Episode 381 - WebMap - The Web Dashboard For NMap

November 30th, 2018


If you use NMap then you are aware of the task to read through and present the results from a full scan. This week's Tools, Tips and Tricks episode …

Episode 380 - FCC Cacking Down On Robocalls, You Should Still Be Cautious

November 29th, 2018


The FCC announced they will discuss cracking down on those annoying and in some cases illegal robocalls. This episode talks about their focus and why …

Episode 379 - This Year Reset All Your Passwords, Start With Retailers You Used

November 28th, 2018


This is the year you start a new trend and be more responsible with your online accounts. This episode talks about how resetting your passwords on …

Episode 378 - HTTPS Doesn't Mean You Can Automatically Trust A Website

November 27th, 2018


There has been a huge push and talk around getting websites to be more secure by enforcing HTTPS, the secure protocol. However, the messaging has a …

Episode 377 - Be Wary Of Your Usernames, They Can Be Used To Track You

November 26th, 2018


This podcast talks about password practices to keep your accounts secure but not about the usernames. This episode goes over how you should think …

Episode 376 - Tools, Tips and Tricks -

November 23rd, 2018


URL Shorteners are a why to take long, complicated URLs and make them easier to post, email and print. However they can be used to hide or obfuscate …

Episode 375 - We Are Reaching The Peak Season For Online Hacks, How To Protect Yourself

November 22nd, 2018


The Holiday Season is upon us and that means an increase of online and overall retail purchases. This episode goes over recommendations and tips to …

Episode 374 - Credit Card Chip Security Is A Joke

November 21st, 2018


In 2015 the United States rolled out the EMV Chip and Pin security features on credit cards, after dragging feet for 10 years on it. The idea behind …

Episode 373 -Thinking About Security In These Ways Can Get You Into Big Trouble

November 20th, 2018


Security is a collection of technology, policies, procedures but also it's a state of mind. Thinking about security through a veil of assumption or …

Episode 372 - Out Of All The US Breaches How Many Were Healthcare? The Number Will Shock You

November 19th, 2018


Of all the breaches in the United States last year how many were in the heathcare industry. This episode goes into that number and why heathcare is such a ripe target for hackers.

Say Ah Report.

Be aware, be safe.

Don't …

Episode 371 - Tools, Tips and Tricks - Shop Safer This Holiday Season, A Must Listen

November 16th, 2018


The Holiday Season is upon us and that means shopping and gift giving. It's safe to assume that tech gadgets, games, home automation devices will be …

Episode 370 - Parental Warning About Online Video Game Scams

November 15th, 2018


This episode should be sent to every parent or home that has kids playing online video games. This episode talks about the risks and scams out there …

Epsiode 369 - New Privacy Bill Proposes Jail Time For Executives, What Does This Mean?

November 14th, 2018


On the heels of the GDPR the United States is getting into the privacy legislation game. It was only a matter of time for the US to create it's own GDPR like laws and the first major Act was proposed. The Consumer Data …

Episode 368 - Post Breach Costs Go Beyond The Check Your Write, What Else Is There To Consider?

November 13th, 2018


A breach is a devastating event for a business. If and when you experience a breach there are immediate costs that a business will have to come up with. There are also other costs that go far beyond the checks you write …

Episode 367 - Solid State Hard Drives Have A Serious Encryption Flaw, Here’s How To Fix It

November 12th, 2018


If you are using Windows 10 Pro or Enterprise and have BitLocker running you need to listen to this podcast episode. A security advisory released by Microsoft details a serious security flaw in hardware based encryption …

Episode 366 - HIPAA Security Risk Assessment Tool Version 3

November 9th, 2018


If you are working security in health care organization then you SHOULD be familiar with regular security risk assessments. If not you should because …

Episode 365 - Major Browsers To Discontunue Older TLS Versions Soon

November 8th, 2018


A few weeks ago TLS 1.3 was announced as released and I did a focused podcast around it's importance. You can here that episode here. Often when new …

Episode 364 - What Are Red And Blue Teams?

November 7th, 2018


You may have heard about Red and Blue team exercises when talking about IT and Info Sec. This episode goes over at a high level what a Red and Blue …

Episode 363 - Windows Defender Anti-Virus Was The First To Do This And The Rest Will Follow

November 6th, 2018


Microsoft's anti-virus solution called Windows Defender has released a capability that no other anti-virus solution does. This new feature great …

Episode 362 - Google Caves To Public Outcry Around Chrome Privacy

November 5th, 2018


A few weeks ago Google came under fire for automatically logging users into Chrome when they signed in to Google services. This did not go over well with the privacy concerned people, I did an episode on it, and Google …

Episode 361 - Tools, tips and tricks -

November 2nd, 2018


This week's tools, tips and tricks episode talks about This web offers wordlists that can be used, for educational purposes only, to …

Episode 360 - Firefox Releases Ability To Block Tracking Cookies

November 1st, 2018


Firefox keeps making itself my favorite browser. Their security and privacy focus has taken a front seat with them and they keep adding to it. This episode goes over a new ability in Firefox 63 that allows you to block …

Episode 359 - Apple iPhone Security Features You Didn't Know About

October 31st, 2018


Apple's phones may not be the top of the list for features and functionality, but they are tops when it comes to security and keeping your data private. This episode goes over a few security features in the iPhone you …

Episode 358 - Why Do Employees Break Security Policies?

October 30th, 2018


Security policies are in place to protect the business, data and employees. From time to time those policies are broken. This episode tries to go …

Episode 357 - What Is Application Security?

October 29th, 2018


The term 'Application Security' is used as a blanket over a much larger challenge. True application security goes beyond the code. This episode goes into the details and areas around application security and why it's …

Episode 356 - Tools, Tips and Tricks - Thycotic Is Giving Away Their Secret Server Password Manager For Free

October 26th, 2018


This week's tools, tips and tricks is about the privileged account management company Thycotic. They offer their vault solution called Secret Server …

Episode 355 - If You Are Going To Get A VPN Stay Away From The Free Ones, Here's Why

October 25th, 2018


There are somethings you can get for free and be OK. Security services shouldn't be one of them. This episode goes over why you should avoid using …

Episode 354 - DevSecOps, Differences Between Continuous Integration, Delivery and Deployment

October 24th, 2018


In DevSecOps you will often hear the process summarized as CI/CD. This refers to the automation pipeline on getting from development to production. This episode goes over what CI/CD is, what the break down of each step …

Episode 353 - How To Check If You Were Impacted By The Facebook Breach

October 23rd, 2018


If you haven't heard Facebook had a breach that impacted an estimated 30 million accounts. Are you impacted by this? This episode goes through a site Facebook released that will tell you if you are or aren't and what …

Episode 351 - Stop Taking Those Facebook Quizzes, They Aren't Free

October 22nd, 2018


Facebook and the apps within are 'free' as far as you aren't paying money for using those services. However, one of the most popular gimmick on …

Episode 351 - Tools, Tips and Tricks -

October 19th, 2018


This week's Tools, Tips and Tricks is about keeping your browsing activities private. I have talked about many tools that you can use to check to see …

Episode 350 - Moving From DevOps To DevSecOps

October 18th, 2018


Yesterday's episode talked about integrating security into your DevOps adoption from a business perspective. This episode talks about moving from DevOps to DevSecOps more technically and strategically.

Be aware, be safe.

Episode 349 - Integrate Security Into Your DevOps Adoption

October 17th, 2018


DevOps is the 'new hotness' a phrase managers and teams jump for joy when they start down the path. However, Security has been left behind in the DevOps movement and it's time to re-integrate it to where it needs to be. …

Episode 348 - Google+ Breach Really Wasn't A Breach

October 16th, 2018


Google+ social site joins the club from a data leak. The size of this particular leak is small, relatively speaking compared to others, and this …

Episode 347 - IoT Strikes Again - The FDA Warns Patients About A Pacemaker Cybersecurity Flaw

October 15th, 2018


Internet of Things strikes again. Instead of your webcams or kid's toys this episode talks about Internet enabled medical devices. The consequences are more severe when we are talking about these kinds of devices. This …

Epiosde 346 - Tools, Tips and Tricks - Firefox Monitor

October 12th, 2018


This week's tools, tips and tricks episode talks about Firefox Monitor. Mozilla has partnered with Have I Been Pwned website and integrates that into …

Episode 344 - IoT Strikes Again- Malware Jumps Expoentially In 2018

October 11th, 2018


IoT Strikes Again! The rush to slap Internet access into every electronic device leaves the world open to great security risks. A recent report shows that the hackers are going after the weaknesses and gaps in IoT …

Episode 345 - The Main Phishing Types In 2018

October 11th, 2018


Phishing is a common label assigned to any email message that is deemed malicious. There are many kinds of phishing attempts that are used right now. This episode goes through what phishing is and the main types that …

Episode 343 - Ways To Secure Your Wi-Fi For Home And Business

October 9th, 2018


Chances are you have a wireless router in your home and/or small business. Out of the box routers are not secure properly, default settings left …

Episode 342 - Why You Should Rethink Using Facebook To Sign On To Websites

October 8th, 2018


Facebook had a large breach. The extent of that breach is unknown but the initial reports are as many as 50 million to maybe 100 million accounts were breached. The biggest unknown at the time of this episode release it …

Episode 341 - Tools, Tips and Tricks - How To Protect Your Facebook Account After Their Breach

October 5th, 2018


Facebook was breached from an exploited security vulnerability/bug and anywhere from 50-90 million accounts could have been compromised. This episode …

Episode 340 - Are You Suffering From These Common Bad Security Practices With Windows?

October 4th, 2018


Chances are you use a Windows computer. Out of the box Windows is not as secure as it can be and you can make it less so through missing common security practices. This episode goes through common security practices and …

Episode 339 - Microsoft Declares The End Of The Password, Will It Work?

October 3rd, 2018


Passwords alone need to go. We all know it, we agree on it yet we don't know how to smoothly execute on it. Microsoft takes the password on through their Authenticator mobile app and new integration into Azure AD. This …

Episode 338 - Make Sure Your GIT Repos Are Locked Down

October 2nd, 2018


Cloud services are efficient and convenient but they still require security focus from the users. Don't assume that cloud services will have your security in their best interest. A researched discovered over 400,000 …

Episode 337 - Facebook Uses Your Phone Number You Use For 2FA For Ads

October 1st, 2018


Facebook wants to collect every piece of data that can on you. Now they are taking data provided by users to improve their security posture is being …

Episode 336 - Tools, Tips and Tricks - Authy

September 28th, 2018


This week's Tools, Tips and Tricks episode covers a multi-factor tool called Authy. I have moved to Authy a few months ago and haven't looked back. …

Episode 335 - What To Do If You Click On A Phishing Email

September 27th, 2018


Everyone gets phishing emails on a regular basis. If your email is public it's only a matter of time until it gets on a bot's list and sends you an …

Episode 334 - How To Track Your Lost Or Stolen Android Phone

September 26th, 2018


Losing your mobile device through your own actions or through theft can be a shocking and scary event. The loss of the hardware is one thing, but the amount of identity data, personal photos, contacts and other data we …

Episode 333 - iOS12 Security Features You Should Know About

September 25th, 2018


Apple released iOS12 to the public and there are many security improvements you should know about. This episode goes over the security features you …

Episode 332 - Small Business Cybersecurty Challenges

September 24th, 2018


Small businesses have the biggest mountains to climb when it comes to security. The lack of proper financial investment, skill shortages and the balance between progressing the business and keeping it secure. This …

Episode 331 - Tools Tips and Tricks - Open Reference Atchitecture For Security And Privacy

September 21st, 2018


This week's Tools, Tips and Tricks episode talks about one of my goto resources. The Open Reference Architecture For Security And Privacy is a …

Episode 330 - Thank You Once Again Plus I Want Your Security Horror Stories.mp3

September 20th, 2018


Thank you to the listeners of this podcast. Another milestone has been reached, 100,000 listens. A year ago I started this as an experiment, a hobby …

Episode 329 - Privacy Should Be A Bigger Part Of Your Security Training

September 19th, 2018


Your security program should have security training as part of it. Security awareness training in some industries is required through regulations but …

Episode 328 - Ways You Are Failing In Your Security Program

September 18th, 2018


A majority of businesses fail at the basic cybersecurity components, from patching to network monitoring. This episode goes through way you may be failing in your security program. 

Source report - Tripwire State of …

Episode 327 - Mini-Series OWASP Top 10 Proactive Security Controls - 10 - Handle All Errors

September 17th, 2018


We have reached the end of the mini-series for the OWASP Top 10 Proactive Security Controls For Developers. The last item talks about handling all …

Episode 326 - Tools, Tips and Tricks - BitLocker

September 14th, 2018


This week's tools, tips and tricks talk about hard drive encryption using Windows BitLocker. Did you know your version of Windows has this built in? …

Episode 325 - Google Titan Security Key Available To The Public, What Is It?

September 13th, 2018


Google has released their Titan Security Key to the public. What is it and do you need it? This episode goes in to the details of the key and whether …

Episode 324 - Non Technical Skills You Should Have For A DevSecOps Career

September 12th, 2018


DevSecOps sounds technical. Technology driven automation and the skills required to put it altogether are technology heavy. However, there are many …

Episode 323 - Ubisoft Is Going To Force Multi Factor Authentication To Play Soon

September 11th, 2018


Multi factor authentication is becoming more widespread. Now it's showing up in the video games you and your kids play. This episode talks about how …

Episode 322 - A WARNING If You Use WhatsApp Google Drive Backup Feature

September 10th, 2018


The WhatsApp text app ensures end to end encryption to protect your communications. Soon WhatsApp will allow Android users to backup to their Google Drive without going against your space quotas. There is a big drawback …

Episode 321 - Tools, Tips and Tricks - Sonarqube

September 7th, 2018


This episode is for all the developers. How do you know if your code is secure if you don't run security scans against it? If you are a small business or individual you may not be able to afford a top-shelf security …

Episode 320 - Mini-Series - OWASP Top 10 Proactive Controls - 9 - Logging & Auditing

September 6th, 2018


Continuing with the OWASP Top 10 Proactive Security Control for Developers we are at number 9. This control talks about logging & auditing but …

Episode 319 - Facebook Pulls Their VPN App From iOS Store, I Warned You About It Six Months Ago

September 5th, 2018


I told you so. Six months ago. I warned you about Facebook's data collecting VPN app and now it has been pulled from the iOS store by Apple. …

Episode 318 - The Hard Truths Of Cybersecurity

September 4th, 2018


Through the papers, websites, conferences, sales pitches and everything else thrown at us security perception varies. This episode talks about the …

Episode 317 - Skills Security Professionals Should Cultivate

September 3rd, 2018


As a security professional you need to continually grow and expand your skillsets. Whether it's new tools and technologies or trends in the industry, …

Episode 316 - Tools, Tips and Tricks - Comprehensive Comparison Guide Azure vs AWS vs Google Cloud

August 31st, 2018


The security and IT world is all about knowledge. No one can remember it all and in order to be effective you have to have a good reference/catalog system in place. I started a list of Azure, AWS and Google Cloud …

Episode 315 - Mini-Series - OWASP Top 10 Proactive Security Controls - 8 - Protect Data Everywhere

August 30th, 2018


Continuing with the mini-series OWASP Top 10 Proactive Security Controls For Developers we have hit number 8, Protect Data Everywhere. Data drives …

Episode 314 - Security In Five Newsletter Is Coming, Hear About It

August 29th, 2018


The Security In Five podcast has been going strong for over a year at 300+ episodes. I am going to expand the messaging and commit to a monthly …

Episode 313 - Enable Multi Factor Authentication Everywhere, This Episode Will Help You Start

August 28th, 2018


Multi-factor authentication is no longer a 'nice to have' it should be mandatory if you care at all about securing your accounts. Relying on a …

Episode 312 - Security Best Practices To Protect Your Social Media Accounts

August 27th, 2018


Social networks provide us to share out lives with great detail. Those services and account could also be used to share things you didn't intend or …

Episode 311 - Tools, Tips and Tricks - VPNFilter Malware Detector By Symantec

August 24th, 2018


This week's tools, tips and tricks talks about a tool by Symantec that allows you to check your home router for the VPNFilter malware infection. …

Episode 310 - Mini-Series - OWASP Proactive Controls - 7 - Enforce Access Control

August 23rd, 2018


We continue with the mini-series, OWASP Top 10 Proactive Controls For Developers, with number 7. This control is about enforcing Access Controls. …

Episode 309 - TLS 1.3 Is Released, Why This Is The Most Important News Today

August 22nd, 2018


TLS 1.3 has been released. This is very important news for the security of the Internet. This is going to be the protocol for secure communications …

Episode 308 - Google Is Tracking You Even If You Disable Location Sharing

August 21st, 2018


Google sees you when you're sleeping, Google sees you when your awake, Google knows when you are bad or good so be good for goodness sake.... even if you turn off location sharing.

This episode talks about the latest …

Episode 307 - Lets Encrypt Now Trusted By All Major Root Programs

August 20th, 2018


Let's Encrypt, the free security certificate authority, got a big boost of support as it is now trusted by all the major root programs now. This episode goes into why this is a good thing to help expand HTTPS everywhere …

Episode 306 - Tools, Tips and Tricks - Linux Command Cheat Sheet

August 17th, 2018


As an IT professional you will eventually have to work on a Linux machine at some point, it's inevitable. If you are a pure Windows person the switch to the Linux commands can be a learning curve. This episode talks …

Episode 305 - Hold Employees Accountable Through Their Wallets

August 16th, 2018


In a business you may provide employees a laptop, mobile phone, uniforms and other equipment to performs their duties. Sometimes those can be …

Episode 304 - Mini-Series - OWASP Top 10 Proactive Security Controls - 6 - Digital Identity

August 15th, 2018


We continue with the mini-series, Top 10 OWASP Proactive Controls for Developers and we are at number 6. This one talk about Identity Management or …

Episode 303 - Differences Between Disaster Recovery And High Availability

August 14th, 2018


Disaster Recovery and High Availability are used interchangeably at times, incorrectly. This episode goes through what each one is and how they are two different aspects of your IT and business plans. 

Be aware, be safe.

Episode 302 - Home Security Practices You Should Be Aware Of

August 13th, 2018


The availability of home security systems, cameras, smart home controls doesn't mean your home is more secure. The security of your home still comes …

Episode 301 - Tools, Tips and Tricks - Google Alerts

August 10th, 2018


This week's tools, tips and tricks episode goes over an overlooked feature within the Google Stack, Google Alerts. This episode goes into how Google …

Episode 300 - Just Because You Have Business Access Does Not Mean You Are Fully Authorized

August 9th, 2018


In order to process data and carry out business responsibilities you need to grant access to users. However, because access is granted does not give the user's free reign to use that access anyway they choose. …

Epside 299 - Mini-Series - OWASP Top 10 Proactive Security Controls - 5 - Validate All Inputs

August 8th, 2018


Continuing with the mini-series OWASP Top 10 Proactive Security Controls we are at number 5, Validate All Inputs. This control is a vital component …

Episode 298 - Differences Between Junk, Spam and Phishing Emails

August 7th, 2018


The terms junk, spam and phishing are used interchangeably when they are three different categorizations of mail. This episode goes through each one and breaks them down to help clarify security implications of each …

Episode 297 - What To Do If Your Phone Is Stolen

August 6th, 2018


Chances are you have a mobile phone, you may listening to this podcast on one right now. What if you set your phone down on the restaurant table for …

Episode 296 - Tools, Tips and Tricks - How To See If Your Home Storage Drive Has Been Compromised

August 3rd, 2018


This week's tools, tips and tricks episode talks about how to see if your external hard drives have been compromised from the Internet. If you have …

Episode 295 - Parents, Teach Your Kids About Social Engineering Through The Video Games They Play

August 2nd, 2018


Video games are here to stay and are becoming the new social platforms. Game today you can play with up to 100 people, strangers, and talk with them as you play. This episode is for every parent with video game playing …

Episode 294 - Let's Go Hunting, The Evolution Of Threat Detection

August 1st, 2018


Threat detection and response is a critical aspect of any security program. You need to know when something malicious has been detected and react to fix it. However, more and more attacks are able to slip passed the …

Episode 293 - Security Compliance Should Be Tied To Employee Performance Reviews

July 31st, 2018


Employees are reviewed and rated on their job performance from time to time. Do you take into account security performance? Why or why not? Employees are relied upon to maintain some level of security best practices as …

Episode 292 - Developers Should Get Their Ethical Hacking Certification, Here's Why

July 30th, 2018


Through your career you should be getting additional training and education. Application developers are no different. This episode talks about …

Episode 291 - Tools, Tips and Tricks -

July 27th, 2018


This week's tools, tips and tricks talks about the website This website helps you identify if you have a WebRTC leak vulnerability in …

Episode 290 - Security Professionals Need To Brag About Their Successes More

July 26th, 2018


Security programs are often talked about within an organization when something bad happens. This episode talks about why security professionals and …

Episode 289 - Start Putting Security Requirements In Every Job Description, Here's Why

July 25th, 2018


Security programs rely on all employees to have a base level of security knowledge and awareness to the policies. Why doesn't every job description …

Episode 288 - In Identity Management, Deprovisioning Access Is A Critical Security Process

July 24th, 2018


Identity Management, specifically the lifecycle, is not only about granting access but taking access away. Deprovisioning access and resources is a critical security step if you want to maintain 'need to have access' …

Episode 287 - Firewall Rules That Block Should Be Monitored For Activity, Here's Why

July 23rd, 2018


Firewalls are the first line of defense in a network. They have the rules of what on the network can talk to and what is blocked from being accessed. …

Episode 286 - Tools, Tips and Tricks - Any.Do

July 20th, 2018


This week's tools, tips and tricks episode is about organization. The tool this episode goes over is Any.Do. A robust task organization app that …

Episode 285 - An Apple Employee Steals Trade Secrets, What Happened?

July 19th, 2018


A former employee from Apple stole deep trade secrets and tried to flee the country with them. The FBI was contacted and the employee was arrested at …

Episode 284 - Timehop Was Breached, Their Transparency Is A Fantastic Learning Opportunity

July 18th, 2018


The latest company to announce a breach was Timehop. This case is another example on why end to end security is so important but Timehop's transparency to the breach is fantastic. This episode talks about the breach, …

Episode 283 - Google Chrome To Start Warning Users Of Non-HTTPS Websites

July 17th, 2018


Google is leading the way for a more secure Internet. They are pushing hard for the concept of HTTPS everywhere. The next update for Google Chrome will alert all users anytime they visit a HTTP only website. This …

Episode 282 - IoT Strikes Again: The FTC Is Looking To Create IoT Security Standards

July 16th, 2018


IoT security is abysmal. No standards, no controls and no requirements to make these devices secure. Unfortunately for people to pay attention it …

Episode 281 - Tools, Tips and Tricks - A Little Research Yourself Can Save Your Hundreds, A True Story

July 13th, 2018


On my blog,, I write about security but also have side topics from time to time. One article I wrote last year was about a big problem I had with my Tivo/Pace DVR failing on an update. …

Episode 280 - California Created A GDPR Law Of Their Own, What Does This Mean?

July 12th, 2018


The recent breaches, Exactis being the latest one, has pushed California to create a GDPR style privacy law. This is the start of the war on Privacy in the United States. On the heels of the European GDPR privacy laws, …

Episode 279 - IoT Strikes Again- How To Keep Your Home Devices Secure

July 11th, 2018


IoT Strikes again. Introducing an insecure Internet of Things device not only could compromise your privacy from the device but could be used as an …

Episode 278 - Security Practices For Your Mobile Devices

July 10th, 2018


It's safe to assume we all have a mobile device or several, but do you keep it as secure as you should? This episode lays out a few best practices …

Episode 277 - Exactis Exposes 340 Million User Records, Why Did They Have That Much?

July 9th, 2018


A company called Exactis, I never heard of them, leaked 340 million records in the latest huge breach. The amount of records is staggering but that's not what I focused on. It's the type of data they had and this …

Episode 276 - Tools, Tips and Tricks - Fixing A Stuck Windows Update

July 6th, 2018


This week's Tools, Tips and Tricks is about Windows Updates. Every now and then one gets stuck and hangs. What do you do? What can you do? This …

Episode 275 - Mini-Series - OWASP Proactive Controls - 4 - Encode And Escape Data

July 5th, 2018


Continuing with the mini-series OWASP Top 10 Proactive Controls for Developers we are at number 4. This one talk about encoding and escaping your …

Episode 274 - What Is A Zero Day?

July 4th, 2018


You have heard the term. I talk about them all the time. This episode tried to explain what a zero-day is, what it means and how you can react to one if it affects you. 


Be aware, be safe.

Episode 273 - Google Blocking Chrome On Old MacOS Mavericks

July 3rd, 2018


Google is making moves to encourage people from stop using old, outdated operating systems. They announced that Chrome will no longer run on MacOS …

Episode 272 - WiFi Security Improves, WPA3 Launches

July 2nd, 2018


Wifi networks security uses a protocol called WPA2. This protocol is not without it's faults and weaknesses and today the next version is set for …

Episode 271 - Tools, Tips and Tricks - Microsoft Threat Modeling Tool 2016

June 29th, 2018


This week's Tools, Tips and Tricks talks about Microsoft Threat Modeling Tool. This tool is a vital component of security architecture and design. …

Episode 270 - Tesla Learned Insider Threats Are Very Real

June 28th, 2018


Tesla announced that it was the victim of sabotage and data breach. The culprit of this activity was an employee that became disgruntled. This …

Episode 269 - Mini-series OWAPS Top 10 Proactive Controls - 3 - Secure Database Access

June 27th, 2018


Continuing with the mini-series OWASP Top 10 Proactive Controls For Developers we are at number 3. Secure Database Access is the next control …

Episode 268 - Voice Enabled Banking Is Coming, Is The Security Ready?

June 26th, 2018


Voice-enabled devices is slowly becoming the new Internet of Things. Now you are able to basic banking actions using home assistance devices. This episode talks about this movement and what needs to happen with the …

Episode 267 - How Can IoT Devices Get Hacked On Your Home Network?.

June 25th, 2018


This episode topic came in from a listener's question. How can an IoT device get hacked behind my router? This episode and the complimenting blog post on my blog goes into how this is done. 

Episode 266 - Tools, Tips and Tricks - Microsoft Cybersecurity Reference Architecture

June 22nd, 2018


This week's Tools, Tips and Tricks talks about the Microsoft Cybersecurity Reference Architecture. This episode goes through what it is and how it …

Episode 265 - Steam Preventing XP Users From The Service In January 2019

June 21st, 2018


Windows XP has been out of support for years yet there are many computers still running it. The gaming service Steam is taking a very aggressive approach to XP and Vista users. Starting in Jan. 2019 XP and Vista users …

Episode 264 - Mini-Series - OWAPS Proactive Controls - 2 - Leverage Security Frameworks

June 20th, 2018


Continuing with the mini-series on OWASP Pro Active Controls For Developers, we are at number two. This one talks about leveraging security …

Episode 263 - Windows Cortana Provides Another Avenue For Attacks

June 19th, 2018


Voice assistants like Cortana, Siri and Alexa are becoming commonplace in our devices. This episode talks about the security risks those voice assistants can pose and one case specifically with Windows Cortana. 


Be …

Episode 262 - One Year Anniversary Episode, How I Did It

June 18th, 2018


One year ago I started the Security In Five podcast. I never would have guessed I'd have this much fun and get the feedback from it. Thank you. This …

Episode 261 - Tools, Tips and Tricks - Information Is Beautiful

June 15th, 2018


This week's Tools, Tips and Tricks goes over the website This is a wonderful site that takes real world data and puts …

Episode 260 - Mini-Series - OWASP Pro Active Controls - 1 - Define Security Requirements

June 14th, 2018


OWASP released a new Top 10 report this year. 10 Proactive Security Controls For Developers. I loved this report and decided to do a mini-series …

Episode 259 - Data Breaches In 2017 By The Numbers

June 13th, 2018


A report from Breach Level Index puts the numbers from the breaches in 2017 in proper context. Reports like this really show the reality of how big breaches are. This episode goes through the numbers from the report. 

Episode 258 - IoT Strikes Again - FREDI Baby Monitor Hacked

June 12th, 2018


Internet of Things STRIKES AGAIN! Another IoT device security failures exposes customers to privacy violations that go beyond data. This time a cheap …

Episode 257 - How To Enable Ebay Two Factor Authentication

June 11th, 2018


EBay released the ability to enable two factor authentication on your account. This episode goes through how to do it, it's very easy, and why you …

Episode 256 - Tools, Tips and Tricks - IsItDownRightNow

June 8th, 2018


This week's Tools, Tips and Tricks episode goes over a website to help troubleshoot internal connection problems as well as web site verification. …

Episode 255 - Mini Series - Top 10 Reasons To Pen Test - Improve Your Employees Skills

June 7th, 2018


We have reached the last of the Top 10 Reasons To Pen Test you business mini-series. This last one talks about using pen tests and really any security exercise to help improve your employee's skillsets. 


Be aware, be …

Episode 254 - Workplace Laws - What You Should Know

June 6th, 2018


In the security professions, you can't do whatever you want, especially when it comes to people. There are laws you need to be aware when it comes to the line between corporate security and personal privacy. This …

Episode 253 - Coca-Cola Breach Reminds Us There Are Still Internal Threats

June 5th, 2018


This week's breach report comes from Coca-Cola. This episode goes into the details of the breach and shows why all breaches and threats don't …

Episode 252 - URGENT The FBI Recommends To Reboot Your Routers Now, Do It

June 4th, 2018


A followup episode from last week's Episode 247, the FBI has released an alert that urges all home and small offices to reboot their routers. This is …

Episode 251 - Tools, Tips and Tricks - VeraCrypt

June 1st, 2018


This week's Tools, Tips and Tricks episode talks about VeraCrypt. If you care about protecting your very sensitive data, hard drives, USB drives then …

Episode 250 - Apple Now Allows You To See The Data They Collect On You

June 1st, 2018


On the heels of the GDPR companies are opening up on the data they collect on you. Apple is next to roll-out a feature to see the data they have on …

Episode 249 - Chrome Has A Malware Scanner, Here's How To Use It

May 31st, 2018


Chrome continues to expand it's browser to a more fully functional security center. The fact the Internet is the primary use for most computers it …

Episode 248 - Top 10 Reasons To Pen Test 9 - Prove Your Security Controls Are Effective

May 30th, 2018


Continuing with the mini-series Top 10 Reasons To Pen Test we hit number nine. This one talks about using penetration tests to validate and prove …

Episode 247 - Researchers Find A Bot Net Army Of 500,000 On Hacked Routers

May 29th, 2018


There is a reason to stay on top with your patches and pay attention to security alerts from the makers of your devices. Researchers have discovered …

Episode 246 - Tools, Tips and Tricks - Eraser

May 25th, 2018


This week's tools, tips and tricks episode talks about a tool that can help you securely delete files. Just hitting delete or putting a file in the …

Episode 245 - Improve Your Organization Security Behaviors

May 24th, 2018


Security is about people. Your program's effectiveness comes down to the ability of the people following the policies to behave in a secure way. This …

Episode 244 - In Security You Need To Hold People Accountable But Positively

May 23rd, 2018


Security relies on people to make your controls effective. People are the weakest link in a security program and one bad click and ruin your …

Episode 243 - Mini Series Top 10 Reason To Pen Test - 8 - Fine Tune Your Policies

May 22nd, 2018


Continuing in the mini series Top 10 Reasons To Pen test in your business we have reached number eight. This episode goes into number 8 and how …

Episode 242 - Net Neutrality Is Not Quite Dead

May 21st, 2018


Last year the government voted to remove 'Net Neutrality' which forced Internet providers to treat all Internet traffic equally, they couldn't speed …

Episode 241 - Maltego CE

May 18th, 2018


This week's Tools, Tips and Tricks episode goes over a social engineering recon tool. Maltego CE, Community Edition, is the tool of choice for …

Episode 240 - Internet Security Myths You Should Know About

May 17th, 2018


The Internet is a wild and crazy place. A vast array of computers, networks, and data. There are also lots of misconceptions, misunderstandings, and myths around security. This episode goes through some of the biggest …

Episode 239 - Firefox 60 Makes A Push For Enterprise Deployments

May 16th, 2018


Mozilla is making sure that Firefox is a valid option for full browser switching. The big gap with the top browsers, outside of Internet …

Episode 238 - Mini-Series Top 10 Reasons To Pen Test - 7 - Prioritize Risks

May 15th, 2018


Continuing with the mini series, Top 10 Reasons To Run Penetration Tests in Your Business, we are up to number 7. This one talks about how …

Episode 237 - The Challenges Of PCI Compliance

May 14th, 2018


The PCI regulation is one of the more security demanding regulations and it is also carries the heaviest penalties. This episode goes into the high …

Episode 236 - Tools, Tips and Tricks - OpenVAS

May 11th, 2018


Vulnerability scanning should be a regular security function for your environment. However, that requires some investment but there are open source …

Episode 235 - Tech Support Scam Calls Are On The Rise, How Do You Spot Them

May 10th, 2018


A report from Microsoft stated that the tech support scam calls are on the rise and will continue to rise. This episode goes into what these calls …

Episode 234 - Tips For Patch Management

May 9th, 2018


Patching your software and equipment is one of the most important functions in your environment and it's one of the most time consuming. Missing patches can expose great risk to your company and data, past breaches show …

Episode 233 - Being A Security Professional Means Master A Balance With Flexibility

May 8th, 2018


A security professional is more than the technical and regulatory resource in your company. A security professional needs to know how the business …

Episode 232 - Change Your Twitter Password Now, Listen To Hear Why

May 7th, 2018


If you have a Twitter account and you haven't already, change your password. There was a goof from in the inner workings of Twitter recently and to …

Episode 231 - Tools, Tips and Tricks - LetsEncrypt

May 4th, 2018


This week's tools, tips and tricks episode talks about Let's Encrypt. A free, automatic renewing certificate for your web sites. 

Let's Encrypt - 

Episode 230 - What Is Cryptomining And Why You Need To Know What It Is

May 3rd, 2018


Cryptomining is the new word seen more and more in reports and stories of upcoming risks to companies. What is it? Why do I care? This episode goes into what cryptomining is, how it works and why your business needs to …

Episode 229 - Mini Series - Top 10 Reasons To Pen Test - Show The Consequences

May 2nd, 2018


Continuing with the Mini-Series Top 10 Reasons To Pen Test we have reached number 6. This episode talks about how pen tests can help show the consequences of the test. Make the company feel actual pain of losing access …

Episode 228 - Survey Shows Most People Do Not Change Their WiFi Settings, You Need To

May 1st, 2018


Everyone has a Wifi router in their homes at this point. Unfortunately most do not change the settings or secure it properly when they take it out of the box from the store. This episode goes over a survey conducted and …

Epsiode 227 - Gmail Gets A Redesign And Adds Security Features You Should Know

April 30th, 2018


If you are a Google Gmail user you may have received the new redesign, if you haven't you will soon. Gmail's recent redesign adds more features to help manage and respond to emails but this episode talks about the new …

Episode 226 - Tools, Tips and Tricks - Macrium Reflect

April 27th, 2018


This week's tools, tips and tricks episode talks about a backup and restoration solution for Windows. There will come a time when your system fails …

Episode 225 - The GDPR Will Show You How Your Data Is Used - PayPal Example

April 26th, 2018


The GDPR will open the eyes to all of us when it comes to what data is collected by companies, how it's used and who it's shared with. THis episode …

Episode 224 - Mini Series - Top 10 Reasons To Pen Test - 5 - Understand If Awareness Is Needed

April 25th, 2018


Continuing with the mini series Top 10 Reason Why You Should Run Pen Tests we hit number 5. Number 5 is about using Pen tests to see if your security …

Episode 223 - What You Share About Yourself On The Internet Could Get Your Accounts Compromised

April 24th, 2018


Socializing on the Internet means you talk about yourself. However, the details about your life and your past may be gateways to get your accounts …

Episode 222 - Why Every Parent Should Know What COPPA Is

April 23rd, 2018


COPPA - The Child Online Privacy Protection Act is a federal law that had been in place since 2000 and most parents aren't aware of it. This episode goes into what COPPA is, what websites that cater to kids have to do …

Episode 221 - Tools, Tips and Tricks -

April 20th, 2018


This week's tools, tips and tricks episode goes over A website search engine for Internet connected devices. THis website is a powerful …

Episode 220 - IoT Strikes Again - The Worst Is Yet To Come

April 19th, 2018


Internet of Things (IoT) is a security nightmare. Millions of devices are out on the open Internet with 10 year old vulnerabilities that are being …

Episode 219 - Firefox Releases Privacy Protection By Default In iOS

April 18th, 2018


Mozilla has been stepping up their privacy centric approach for users. Earlier this week they released a feature in Firefox for Facebook isolation. …

Episode 218 - Mini Series Top 10 Reasons To Pen Test - 4 - Test Your Controls

April 17th, 2018


Continuing with the mini series Top 10 Reasons To Run Penetration Tests. Number four talks about using the tests to not just check for the target …

Episode 217 - Firefox Can Now Isolate Your Facebook Identity From Being Tracked

April 16th, 2018


Mozilla is not a fan of Facebook's privacy position. Recently they pulled all advertising off Facebook and now have released a plug-in for Firefox to …

Episode 216 - Cloudflare DNS - Why You Should Start Using It Today

April 13th, 2018


This week's Tools, Tips and Tricks episode is the one you should use starting today. Cloudflare released a new, private and public DNS that anyone …

Episode 215 - Ways To Detect A Hacker In Your Environment

April 12th, 2018


On average it takes a business 180 days to detect a breach. Six months of a hacker walking around your systems, stealing data, planting malware and anything else they can. There are things you can look out for, …

Episode 214 - Protecting Your Business From A Ransomware Attack

April 11th, 2018


Ransomware attacks are an unfortunate reality in today's world. They can be far more disruptive and destructive than your typical malware. Ransomware can destroy your business and data. There are things you can do to …

Episode 213 - Mini-Series: Top 10 Reasons To Pen-Test - 3 - Justify Business Decisions

April 10th, 2018


Continuing with the Top 10 Reasons What You Should Pentest mini-series we are at number 3. Penetration tests will help you justify business decisions …

Episode 212 - Panera Bread Breach - They Knew And Did Nothing.

April 9th, 2018


If you shopped online with Panera Bread or did business through their catering arm chances are your data was compromised. Panera Bread's website had …

Episode 211 - Tools, Tips and Tricks - HTTPS Everywhere

April 6th, 2018


If you browse the Internet you should always use HTTPS when visiting websites, especially those that support it. It can be a manual effort and every …

Episode 210 - Tax Season Is Approaching, That Means The Phishing Scams Are Increasing

April 5th, 2018


The tax man is coming. The date to file your United States taxes is looming closer and that means the phishing attacks are increasing. This episode goes into the different types of phishing scams, phone call scams and …

Episode 209 - IoT Strikes Again - Most Devices Can Be Hacked Using Only Google

April 4th, 2018


IoT, the Internet of Things, is the thorn in my security side. The unregulated, uncertified, unreasonable devices with minimal to no security …

Episode 208 - Mini-Series - Top 10 Reasons To Pen Test - 2 - Find Out What Is Wrong

April 3rd, 2018


Continuing with the mini series Top 10 Reasons To Conduct A Penetration Test we are at number 2. The second reason to test, because you need to find out the gaps. This episode breaks down things you can find only …

Episode 207 - Alexa Is Recording What You Say, Here Is How You Delete It

April 2nd, 2018


With the inclusion of all these home automation, personal assistants into our lives we are adding more ears listening. Each one of the devices have microphones listening, some when you don't think they are, and your …

Episode 206 - Tools, Tips and Tricks -

March 30th, 2018


If you have a Windows PC you probably have looked at your Task Manager and asked yourself, What Is That File? Is it dangerous? Why is it consuming so much memory? That is where ProcessLibrary comes in. This episode goes …

Episode 205 - Facebook Fail - How To Break Away From Facebook

March 29th, 2018


If you are done with the privacy practices of Facebook you can break away from it. The hard part is the social aspect of family members and friends …

Episode 204 - Facebook Fail - How To Limit Your Presence On Facebook

March 28th, 2018


Facebook has no concern about your privacy, that's a proven fact. They want to gather as much information about your private life the better because that allows higher prices to advertisers to better 'customize' ads you …

Episode 203 - Facebook Fail - How To See What Facebook Knows About You

March 27th, 2018


Facebook gathers more data about you than you realize. However, you can download almost everything from Facebook to review it. This episode goes into …

Episode 202 - Facebook Fail - Their Business Is Your Private Data

March 26th, 2018


After the week Facebook had I decided to commit a week's worth of episodes to talk about the various Facebook practices that are ultimately at your …

Episode 201 - Tools, Tips and Tricks -

March 23rd, 2018


This week's Tools, Tips and Tricks talks about A collection of network, email and web testing/monitoring tools. If you run a website …

Episode 200 - The Department Of Homeland Security InfoSec Department Is Just Like Yours

March 22nd, 2018


The annual security report for the Department of Homeland Security was released and the results are shocking. The US Government agencies have the …

Episode 199 - The Top 5 Challenges Of Meeting GDPR

March 21st, 2018


The General Data Protection Rule (GDPR) is the new privacy framework for the EU data starting in May, 2018. Many companies have been working toward …

Episode 198 - Mini-Series Top 10 Reason To Pen-Test - 1 - Meet Security Regulations

March 20th, 2018


This is the first episode of a ten episode mini-series, Why You Should Be Pen-Testing your apps. The first episode talk about how pent-tests can help …

Episode 197 - At This Point Don't Use Any Facebook Security Products

March 19th, 2018


Facebook released, then pulled back, another security product through their Onavo arm that siphoned data from your phone. This is the second app …

Episode 196 - Tools, Tips and Tricks - OWASP Zap

March 16th, 2018


This week's tools, tips and ticks talk about OWASP Zap. The security testing proxy for your web application testing needs. Whether you are a …

Episode 195 - The Faces Of Your Insider Threats

March 15th, 2018


Insider threats is a common phrase and most people associate it to a single type of person. The malicious individual intent to do harm. This is not the case, inside threats have many faces. This episode goes through the …

Episode 194 - The FBI Paid Geek Squad Employees To Be Informants

March 14th, 2018


When your personal devices breakdown you may take them to a local repair shop. Giving them your computer and most likely full admin access to repair …

Episode 193 - All Oculus Headsets Have Been Rendered Useless, A Study In Poor Certificate Management

March 13th, 2018


If you own an Oculus VR headset chances are it's a useless paperweight right now. The vendor failed to update a simple certificate which is required …

Episode 192 - How Much Is Your Identity Worth On The Dark Web

March 13th, 2018


When you identity is stolen one of two things will happen. The thief will use your information or they will sell it. The Dark Web is the place where …

Episode 191 - Tools, Tips and Tricks - Spiceworks

March 9th, 2018


This week's tools, tips and tricks goes over a fantastic collection of IT Administration and Security tools, Spiceworks. Spiceworks is a full free …

Episode 190 - Email Is Still Your Company's Weakest Link

March 8th, 2018


This shouldn't be a shock but email stinks. It's one of the biggest security threats to your company. You may have filters on the messages but you …

Episode 189 - What Is A CSIRT And Does Your Company Need One, Yet?

March 7th, 2018


In the security world things happen, we call these incidents. Big and small all incidents need to be investigated, mitigated and worked to prevent them. That's where a CSIRT comes into the mix. Computer Security …

Episode 188 - What Is A SOC And Does Your Company Need One, Yet?

March 6th, 2018


If you are IT or near the security world you probably have heard the term SOC (pronounced SOCK). SOC stands for Security Operations Center. What is a SOC and how does it differ from your security team? This episode goes …

Episode 187 - What Is Considered A Breach In Healthcare?

March 5th, 2018


We heard the word breach all the time in the news, stories and reports. What is a breach? The answer is not as simple as you think, especially in the Healthcare world. This episode goes into the definitions and explains …

Episode 186 - Tools, Tips and Tricks - Pwned Passwords

March 2nd, 2018


Troy Hunt, creator of Have I Been Pwned, added a new feature to the website called Pwned Passwords. This is a collection of over 500 million …

Episode 185 - How You Can Be Breached Without Detecting It

March 1st, 2018


Hackers want to remain undetected. The longer they slip under your radar the longer they can steal your data. This episode goes into a few ways you can identify signs that you have something malicious running on your …

Episode 184 - Should We Create A National Cybersecurity Safety Board?

February 28th, 2018


Is it time to create a National Cybersecurity Safety Board similar to the NTSB? This episode goes into the idea of this for post-breach investigations and recommendations after the fact. 


Be aware, be safe.

Episode 183 - How To Stop Websites Using Your PC To Mine Bitcoin

February 27th, 2018


Bitcoin or cryptocurrency mining is becoming the new thing websites and hackers are doing. Legitimate websites could be using your PC computing power …

Episode 182 - Google Releases A Zero Day After Microsoft Fails To Patch It

February 26th, 2018


Google has a security research team called Project Zero that looks for security vulnerabilities in pretty much anything. There is an agreed rule that …

Episode 181 - Tools, Tips and Tricks - The Google Hacking Database

February 23rd, 2018


We all use of have used Google search at some point in our digital lives. I would be that most don't know how powerful it truly is. The Google …

Episode 180 - How To Avoid Torpedoing Your Own Security Plans

February 22nd, 2018


There are threats everywhere looking to disrupt and try to break your security plans and projects. Most teams forget to look at themselves and realize that their own actions and inactions can do just as much damage to …

Episode 179 - Facebook Offering A Free VPN - DO NOT USE IT!!!

February 21st, 2018


I am 100% pro-VPN for personal use. It protects you, your privacy, keeps your Internet use away from prying eyes. Facebook is getting on board and not offering a VPN for iOS users. DO NOT USE IT! PERIOD! RUN AWAY!!! …

Episode 178 - Google To Start Labeling HTTP Website As Not Secure

February 20th, 2018


Google is slowly moving toward a complete secure web. Starting in June Chrome will begin to label all HTTP only websites as Not Secure. This episode goes into the details, what the difference is between HTTP and HTTPS …

Episode 177 - How To Tell If You Might Have Malware

February 19th, 2018


Malware is the big buzzword lately. Even though you may have endpoint protection and run scans malware can still sneak onto your computer and cause problems or steal your information. This episode goes over some signs …

Episode 176 - Tools, Tips and Tricks - Windows Sysinternals

February 16th, 2018


If you work with Windows from an administrative position, have Windows on your PC at home or want to learn more about how Windows functions under the covers then this episode is for you. Windows Sysinternals has been …

Episode 175 - Business Email Compromise Scams Affect Everyone, But You Can Avoid It Easily

February 15th, 2018


Business email compromise emails or also known as the CEO email scams impact basically every organization. You are at risk of getting one and there is nothing you can do to prevent one from being delivered. This episode …

Episode 174 - How To Create An Incident Response Plan In A Few Easy Steps

February 14th, 2018


When you have an incident in your business, from a virus infection or massive outage, do you and your business know how to react? Incident response plans are an important part of an effective security program. This …

Episode 173 - What Is Malicious Cryptomining And Why Is It Harmful For Your Business

February 13th, 2018


The new threats to businesses is cryptomining. Instead of delivering ransomware or other damaging malware criminals are turning to secretly using your computer's processor power to mine for cryptocurrencies. This …

Episode 172 - Time To Let Adobe Flash Go, Uninstall It And Get It Out Of Your Life

February 12th, 2018


This past week a new zero day vulnerability was announced for Adobe Flash. Just add it to the list of security holes Flash has. It's time to get rid …

Episode 171 - Tools, Tips and Tricks - bWapp, a very buggy web application

February 9th, 2018


This week's tools, tips and tricks episode talks about bWapp, a very buggy web application. bWapp is a fully functional web application you can …

Episode 170 - Microsoft Going After Scareware By Forcibly Uninstalling It From Your PC

February 8th, 2018


Scareware is software that is installed on your PC that will alert you to some dire event. Usually it deals with viruses detected and the end game is you have to pay to upgrade the software to clean it. Scareware is …

Epsiode 169 - Heads up, Meltdown And Spectre Malware Detected In The Wild

February 7th, 2018


Meltdown and Spectre are two nasty vulnerabilities that were announced a few weeks ago. What makes these so bad is they are on the processors, the …

Episode 168 - Celebrate Safer Internet Day Today!

February 6th, 2018


Today is Safer Internet Day! A day each year in February to help bring awareness for creating a safer Internet for children and young people.

The 2018 theme, "Create, connect and share respect: A better internet starts …

Episode 167 - It's Tax Time and Tax Scam Time, Some Prevention Tips For You

February 5th, 2018


It's that time of year for us all to do our taxes. It's also the time of year our most sensitive data is moving around to multiple locations, seen by …

Episode 166 - Tools, Tips and Tricks - ProtonMail

February 2nd, 2018


This week's tools, tips and tricks is about secure communication. Privacy is becoming a huge issue and people are starting to come around to the need …

Episode 165 - Watch Out For The Computer Support Virus Scam Phone Calls

February 1st, 2018


I was sitting in my home office and the phone rang. A guy on the other end with a hard accent said his name was 'Mark' and said he detected viruses on my computer for several days. He goes on to try to scare me with …

Episode 164 - Reddit Rolls Out Two Factor Authentication To All Users

January 31st, 2018


Reddit, the front page of the Internet, one of the largest and most popular websites on the web improve their security capabilities. Reddit rolled …

Episode 163 - Shared Accounts In Companies Are Still A Major Problem

January 30th, 2018


In businesses it's a common and bad practice for IT administrators to share accounts. The practice lowers the number of high privilege accounts in a company but by doing so removes the ability of proper accountability, …

Episode 162 - Google Is Recording Your Voice, How To Listen To And Delete IT

January 29th, 2018


Were you aware Google is recording your voice from your computers and mobile devices? They are. Did you know you can go into your account, listen to all the creepy recordings of you talking at random times but you can …

Episode 161 - Tools, Tips and Tricks -

January 26th, 2018


There are times when you come across a file and have no idea what it is, what it's for, if it's dangerous and if you can delete it. This is where a website like comes in. There are many resources like …

Episode 160 - Only 10% Of Gmail Users Have Two-Factor Authentication Enabled, Don't Be In The 90%

January 25th, 2018


Google recently announced a report that only 10% of Gmail accounts have two-factor authentication enabled. Although the feature has been available since 2011 mass adoption has not occurred. This episode goes into what …

Episode 159 - If You Have A USB Drive Connected To Your Home Router, You Need This Episode

January 24th, 2018


The latest generation of home routers make it very easy to connect large USB hard drives for centralized file backups and sharing. The episode tells a story of how dangerous that is if you aren't looking out for certain …

Episode 158 - Equifax Would Pay $1.5 BILLION If New Proposed Laws Were In Place

January 23rd, 2018


Penalties from hacked companies are insufficient to curb security practices and properly cover victims. That is about to change. A new proposal by …

Episode 157 - US Hospital Pays Hackers $55,000, Bad Precedent

January 22nd, 2018


A hospital in Indiana recently was the victim of a ransomware attack. The ransom was 4 Bitcoin, about $55,000 at the time, and the hospital was given …

Episode 156 - Tools, Tips and Tricks - Exploit Database

January 19th, 2018


Everyday we hear about a new vulnerability, a new flaw, a series of critical patches we need to apply. How do we keep it all straight? The Exploit …

Episode 155 - Why You Should Phish Your Employees

January 18th, 2018


Phishing, emails made to look legitimate, is one of the main methods to deliver malware, steal credentials and conduct fraud. Security awareness training covers phishing but how do you really know if people can avoid …

Episode 154 - Five Simple Ways To Protect Yourself From Hackers

January 17th, 2018


This episode lays out five simple tips you can take to help protect yourself from hackers. These tips are applicable to an individual or to any business, big or small, to help protect and mitigate hacker's activities …

Episode 153 - IoT Strikes Again - VTech Ordered To Pay Up For Child Privacy Failures

January 16th, 2018


VTech had a large data leak with one of their toys in 2015 and now they have been hit with a big fine. VTech collected personal information on …

Episode 152 - How To Help Your Security Program Be Accepted

January 15th, 2018


Creating a security program is the easy part, getting it integrated and accepted by the business and employees is the hard part. Security is more …

Episode 151 - Tools, Tips and Tricks - FCC Cyberplanner Website

January 12th, 2018


This week's tools, tips and tricks episode is a tip on gathering guidelines on building a cybersecurity program. The Federal Communication Commission …

Episode 150 - Serious Processor Security Flaw Impacts Almost Every Computer and Mobile Device, Patch Now

January 11th, 2018


A new security flaw has been announced that impacts almost every computer and mobile device built in the last 10 years. This shows the importance of …

Episode 149 - Top 10 Security Tips For Your Network - Don't Forget About Mobile And BYOD

January 10th, 2018


Top 10 security tips for your network and we are at number 10 - Don't forget about mobile and BYOD. It may seem cheap, easy and flexible to allow employees to use their own personal devices to access company email and …

Episode 148 - Are You The Reason Your Identity Was Stolen? Don't Make The Mistakes

January 9th, 2018


Personally Identifiable Information is the gateway to identity theft. We hear about companies losing control of PII but there are also things …

Episode 147 - Why You Should Never Save Passwords In Your Browser, Any Browser

January 8th, 2018


If you use a browser you may have noticed that when you enter a username/password in a website the browser asks you to save it. Don't. It may seem convenient to save those for easy login next time but it's not as secure …

Episode 146 - Tools, Tips and Tricks - Qualsys SSL Server Test

January 5th, 2018


This week's TTT episode talks about a website from Qualsys' SSL Labs. SSL Server Test is a fantastic website for a preliminary scan of any website …

Episode 145 - Why You Should Be Keeping A Career Journal

January 4th, 2018


Everyone takes notes for their job. Not everyone keeps a journal specifically around their career life. Journaling is a powerful tool, if done …

Episode 144 - Top 10 Tips To Secure Your Network - 9 - Define Strong Rules For Admin Accounts

January 3rd, 2018


Continuing with mini-series Top 10 Tips to Secure Your Network we are at number nine. Define strong rules for your administrator accounts. These …

Episode 143 - How To Secure Your Video Game Consoles - Switch, Xbox One, PS4

January 2nd, 2018


Your video games systems are powerful computers running operating systems similar to those driving your desktops. Requiring internet connectivity …

Episode 142 - Security & IT Predictions For 2018

December 29th, 2017


The last episode of the year! This episode goes over my security and IT predictions for 2018. The full blog post on the predictions can be found on …

Episode 141 - 2017 Predictions Reviewed

December 28th, 2017


Each year on my blog,, I do security & IT predictions for the next year. As part of that, before I release my predictions I go back and look at the ones I made before and rate them. This episode …

Episode 140 - Top 10 Breaches Of 2017

December 27th, 2017


As 2017 comes to a close we look back at the top security breaches of the year. This episode goes over the biggest breaches of 2017 and how each happened. 


Be aware, be safe.


Episode 139 - Top 10 Passwords Used In 2017

December 26th, 2017


When breaches are disclosed or discovered on the Internet and Dark Web, researches pull together the data an analyze it. Each year a group called …

Episode 138 - Tools, Tips and Tricks - Infosec Reactions Humor Website

December 22nd, 2017


The security business is a serious and frustrating world. Like many things in life you have to not take it too seriously from time to time. There is a website dedicated for Security Professionals to express their …

Episode 137 - Top 10 Security Tips For Your Network - 8 - Regular Security Audits

December 21st, 2017


Continuing with the mini series Top 10 Security Tips For Your Network we are up to number 8. Conduct regular security audits. The only way you can be …

Episode 136 - Top Online Scams To Avoid

December 20th, 2017


As we increase our online shopping, email and social network use the scams increase as well. Only by knowing the scams that are out there and how they work can you know how to avoid them. This episode goes into the top …

Episode 135 - OWASP Top 10 - A10 - Unvalidated Redirects and Forwards

December 19th, 2017


The last item in the mini series OWASP Top 10. Number 10, Unvalidated Redirects and Forwards. This episode goes in to the details on what this is and how to avoid having them in your application. 

OWASP Top 10 A10 -

Episode 134 - Best Security Practices For Your Browser

December 18th, 2017


As our Internet lives rely on the browser it's important to know how to use them in a secure way. You cannot assume your browser is setup in the most secure way possible. This episode goes through several best …

Episode 133 - Tools, Tips and Tricks - Circle

December 15th, 2017


This week's TTT episode talks about a fantastic new service to help manage your family's home Internet use. It's called Circle and this is a network level filter and time management capability that sits on your home …

Episode 132 - Top 10 Security Tips For Your Network - 7 - Protect Your Network Access

December 14th, 2017


Number 7 in my Top 10 Security Tips for Your Network talks about protecting the external access into your network. Whether through applications, FTP, VPN, etc... your customers and employees at some point need to get to …

Episode 131 - A Major Breach Exposed A Company Was Stealing Your Data

December 13th, 2017


A major breach with a popular keyboard app showed that they were collecting far more data on their users than they should. This makes all of us think …

Episode 130 - OWASP Top 10 - A9 - Using Components With Known Vulnerabilities

December 12th, 2017


The OWASP Top 10 list is almost done. Number 9 talks about using components with known vulnerabilities. If you think this doesn't happen, look at …

Episode 129 - LinkedIn InMail Phishing Shows The Need For Two Factor Authentication

December 11th, 2017


A recent increase of LinkedIn accounts being used for phishing campaigns is a cause for concern. These accounts are compromised and then used to send InMail messages to all contacts. Very convincing but also very …

Episode 128 - Tools, Tips and Tricks - Evernote

December 8th, 2017


This week's TTT episode talks about the cloud file, note and thought organizer Evernote. Over the years Evernote has solidified themselves as a …

Episode 127 - Top 10 Security Tips For Your Network - Protect Against Malicious Code

December 7th, 2017


This one seems like a common sense action but you'd be surprised the lack of end to end protection in environments. Viruses, malware and malicious code don't just infect one machine, they look to spread. If you have …

Episode 126 - Why Are Data Breaches So Expensive For Businesses?

December 6th, 2017


We all hear about data breaches but do you know exactly all the costs that go into the recovery of them? It's far more complicated than you realized and for some businesses might be a bankruptcy level event. This …

Episode 125 - OWASP Top 10 - A8 - Cross Site Request Forgery

December 5th, 2017


The OWASP Top 10 series continues on to number 8, Cross Site Script Forgery. This vulnerability is about how applications take input and requests and …

Episode 124 - The Apple Security Failure Shows Us To Stay Up To Date On Patches

December 4th, 2017


Apple released a new version/upgrade to their operating system called High Sierra. In addition to all the new features they accidentally removed the …

Episode 123 - Tools, Tips and Tricks - Malwarebytes

December 1st, 2017


The starting point for any malware scan is a tool called Malwarebytes. This episode goes into the reason why I always start with Malwarebytes on …

Episode 122 - Top 10 Security Tips For Your Network - 5 - Encrypt Your Data

November 30th, 2017


The Top 10 Security Tips For Your Network continues with number 5, Encrypt Your Data. Encryption is the knee jerk response to any security even by …

Episode 121 - Personal Security Tips For Holiday Shopping

November 29th, 2017


The holiday season is upon us and that means more trips to the stores and more purchases online. This also means the bad guys are increasing their …

Episode 120 - OWASP Top 10 - A7 - Missing Function Level Access Control

November 28th, 2017


The OWASP Top 10 series continues and we're up to number 7. This one is called Missing Function Level Access Control and talk about protecting the …

Episode 119 - Uber Was Hacked And Covered It Up For A Year, Scary

November 27th, 2017


Uber was the recent hack that was made public. 57 million records of riders and drivers. The data stolen for the riders was name and email, no …

Episode 118 - Tools, Tips and Tricks - WinDirStat, Disk Space Manager

November 24th, 2017


Hard drive space is becoming a problem again with the ever increasing mobile devices. Why? We need a place to back them up. All those photos, videos and app fit on your phone but on your PC space can be a problem. 

Episode 117 - Top 10 Security Tips For Your Network - 4 - Cyber Rules For Your Employees

November 22nd, 2017


Continuing with the Top 10 Security Tips For Your Network mini-series we are up to number four. This tips talk about creating cyber rules for your …

Episode 116 - OWASP - A6 - Sensitive Data Exposure

November 21st, 2017


Continuing with the OWASP Top 10 mini-series we are up to number 6, Sensitive Data Exposure. This episode reviews the challenge of figuring out what data you deem sensitive and all the areas you need to worry about …

Episode 115 - IoT Strikes Again - Bluetooth Flaw Impacts 20 Million Amazon and Google Home Devices

November 20th, 2017


The Internet of Things lack of security focus strikes again! This times it is a flaw in Bluetooth dubbed BlueBorne than impacts billions of mobiles devices and now your home devices too.

This episode goes into the flaw, …

Episode 114 - Tools, Tips and Tricks - Have I Been Pwned

November 17th, 2017


One of the top websites to keep you informed of your security risks is Have I Been Pwned. This website allows you to search for your email account(s) to see if they have been part of any breaches. This website is …

Episode 113 - Top 10 Security Tips For Your Network - 3 - Physical Security

November 16th, 2017


Continuing with the mini-series, Top 10 Security Tips For Your Network, number 3 talks about physical security. You can spend thousands to millions …

Episode 112 - Why You Should Setup The Guest Network On Your Home Wi-Fi

November 15th, 2017


Most of us have home Wi-Fi. When friends, family and visitors come over they may expect to get on your Wi-Fi to get Internet access. There are …

Episode 111 - OWASP Top 10 - A5 - Security Misconfigurations

November 14th, 2017


Halfway through the OWASP Top 10 mini-series we reached number 5, Security Misconfigurations. This item in the top 10 shows that the OWASP covers more than the code. Security Misconfigurations deals with the entire …

Episode 110 - The Donal Trump Twitter Deactivation Is A Lesson In Employee Trust

November 13th, 2017


President Trump's Twitter account was deactivated for 11 minutes and the world went bonkers. It turns out that it wasn't a mistake but a rogue act by an employee's last day on the job. This episode takes this a step …

Episode 109 - Tools, Tips and Tricks - DuckDuckGo

November 10th, 2017


This week's TTT episode talks about the search engine DuckDuckGo. If you want to search without being tracked, recorded and followed then you should …

Episode 108 - Top 10 Security Tips For Your Network - 2 - Patch

November 9th, 2017


Continuing with the mini-series Top 10 Security Tips For Your Network number 2 is about patching. Equifax happened, ultimately, due to a lack of …

Episode 107 - Get A Password Manager, What Are You Waiting For?

November 8th, 2017


The best advice you can take is to look into getting a Password Manager. A vaulting, generator to help manage all your passwords for personal and …

Episode 106 - OWASP Top 10 - A4 - Insecure Direct Object References

November 7th, 2017


We continue with the OWASP Top 10 series and next up is number 4, Insecure Direct Object References. This episode gives a high overview of this …

Episode 105 - What Is Browser Canvas Fingerprinting And Why You Should Care?

November 6th, 2017


This episode talks about Browser Canvas Fingerprinter, the less known 'super tracking cookie' of the Internet. Firefox announced that their next …

Episode 104 - Tools, Tips and Tricks - Mr. Whoer

November 3rd, 2017


In this week's TTT episode I talk about a website called Mr. Whoer. This should be part of your bookmarks and used regularly. Mr. Whoer provides you …

Episode 103 - Top 10 Security Tips For Your Network - 1 - Use Strong Authentication

November 2nd, 2017


A new mini-series, Top 10 Security Tips For Your Network. Instead of quickly listing off a top 10 list there will be one episode for each item. The first tip is about using strong authentication anywhere applicable to …

Episode 102 - OWASP Top 10 - A3 - Cross Site Scripting

November 1st, 2017


Next in the OWASP Top 10 series is number 3, Cross Site Scripting (XSS). This vulnerability is the most common of the Top 10. It can open your …

Episode 101 - Email Sucks, Stop Using It, Communicate More Effectively

October 31st, 2017


Email needs to go, it's a security nightmare, it's a pain to manage and it has become an inefficient method of communication. Look at your inbox, how much time do you spend 'cleaning it out', messages skipped over or …

Episode 100 - Thank You For The First 100 Episodes

October 30th, 2017


When I first started this podcast I never would have thought I'd be recording my 100th episode. It's all because of the listeners and feedback …

Episode 99 - Tips, Tricks and Tools - SpyBot

October 27th, 2017


This week's TTT Episode covers a great malware scanner for your Windows computers. SpyBot - Search & Destroy is a tool I have been using for over …

Episode 98 - Create A Culture Of Security To Be Successful

October 26th, 2017


Building a successful security program in any company is difficult. There's a way to help it become successful and a way to make it be rejected and …

Episode 97 - You Have No Expectation Of Privacy On Business Systems

October 25th, 2017


There is a balance between business use and personal on computers and systems businesses provide to employees. Personal use is inevitable, a personal email to your wife, saving off a photo and so on. If you do store …

Episode 96 - OWASP A2 - Broken Authentication And Session Management

October 24th, 2017


Continuing with the OWASP Top 10 series we are on number 2, Broken Authentication and Session Management. What is it? How can be exploited? This episode breaks down what this covers and why it's number two in the Top …

Episode 95 - Release The KRACKen! Update All Your WiFi Devices NOW!

October 23rd, 2017


Last week a report was released showing how the WPA2 WiFi Encryption Protocol can be compromised. This is a serious security alert as it affects …

Episode 94 - Tips, Tricks and Tools (TTT Episode) - VirusTotal

October 20th, 2017


Going forward, each Friday I will do a TTT Episode. Tips, Tricks and Tools will highlight one of the many, many tools and tricks I use daily in my …

Episode 93 - Why You Shouldn't Accept Every LinkedIn Connection Request

October 19th, 2017


LinkedIn is the social network for our professional persona. Our careers and business contacts kept separate form our personal social lives. On LinkedIn we tend to accept connections more freely than on our personal …

Episode 92 - What Is Two Factor Authentication And Why You Should Enable It Now

October 18th, 2017


There are three factors of authentication - What You Know, What Your Have and What You Are. A basic username/password combo is no longer sufficient …

Episode 91 - OWASP Top 10 - A1 Injection

October 17th, 2017


The first in a series of ten episodes going over each of the OWASP Top 10 items. A1 deals with Injection. This episode goes over the very high level description on what it is, how it's exploited and the damage that can …

Episode 90 - How Not To Fall For The Apple iOS Phishing Attack

October 16th, 2017


Phishing is the technique to trick a victim to enter their account credentials into an app or website they think is legit. In reality it's a fake site and they send their account information to a criminal element. Apple …

Episode 89 - Book Review: Secure Enough? by Bryce Austin

October 13th, 2017


This episode I review the book Secure Enough? 20 Cybersecurity Questions For Business Owners and Executives by Bryce Austin.

Amazon Link.

Goodreads Link.

TCE Strategy, Bryce's Website.

BONUS EPISODE - Tech Scammer Recorded, Learn What They Are

October 12th, 2017


I received one of those tech support scam phone calls today. I am usually more prepared for them but it took me a few minutes to get prepared to record it. This episode shows you what these tech scam calls sound like, …

Episode 88 - Security Assessments Are Only Good At The Time You Conduct One, Do More

October 12th, 2017


Security and Risk Assessments are a critical components of a security program. You will see that regular assessments will be asked for more often by …

Episode 87 - In Security You Need To Answer The Hardest Question, So What?

October 11th, 2017


So What? What does this mean to me? That's the question that you need to answer. Depending on who you talk to, the answer will be different. In Security you need to apply it to those questions, So What? It's the hardest …

Episode 86 - OWASP Top 10 Introduction

October 10th, 2017


OWASP is the Open Web Application Security Project. A global group set to provide developers and security professionals the tips and best practices in application development. There is more to the OWASP Top 10 than good …

Episode 85 - Cloud Services Don't Remove Your Security Responsibilities

October 9th, 2017


Moving to the cloud has many pros and cons for a business. One growing misconception is the amount of security a cloud provider will provide. In most cases the perimeter is protected but you are still responsible for …

Episode 84 - CIS 20 Penetration Tests

October 6th, 2017


We conclude the Critical Security Control series with number twenty. Penetration tests. You have all the other controls in place, your teams running …

Episode 83 - The Dangers Of Neglecting Your Wordpress Install

October 5th, 2017


Wordpress is one of the top blogging platforms. It's freely available, easy to install and a prime target for hackers. Vulnerabilities in the …

Episode 82 - CIS 19 Incident Response

October 4th, 2017


Continuing in the Critical Security Controls we are at number nineteen. Incident Response. Now that you have all the tools, policies and procedures …

Episode 81 - The Verizon Leak Shows The Danger Of Shadow Cloud IT

October 3rd, 2017


Verizon suffered another leak of sensitive data from an unsecured Amazon Web Bucket. This time it was an internal employee that used the bucket for …

Episode 80 - CIS 18 Application Security

October 2nd, 2017


The next control in the Critical Security Controls is number 18, Application Security. Even though 50% of all attacks are against the application …

Episode 79 - Learning From Equifax - Watch Out For Future Scams

September 29th, 2017


In the wake of the Equifax breach, criminals will use this for new scams. Telephone calls claiming to help you fix your credit problems, emails stating you accounts will be closed from the breach, and so on. The only …

Episode 78 - Learning From Equifax - Application Security

September 28th, 2017


Next to social engineering the number one targets for hackers are the applications. Complex components, each with their own unique configurations and …

Episode 77 - Learning From Equifax - We Need To Think About The Data

September 27th, 2017


Breaches are unfortunate events but you need to look at them objectively and learn from them. The security profession works when you observe and …

Episode 76 - Learning From Equifax - Vulnerability Management

September 26th, 2017


The Equifax breach will be looked at for years. What went wrong? How could this have happened? There will be many answers given, some will be right …

Episode 75 - Learning From Equifax - What You Should Do To Protect Yourself

September 25th, 2017


The Equifax breach is one of the largest and most dangerous breaches so far. The reason this breach could be damaging for years to come is the data …

Episode 74 - Another Benefit Of A Personal VPN, Keeping Internet Use Fair

September 22nd, 2017


Using a personal VPN for your devices is something everyone should invest in. It keeps your data more secure, anonymous and another benefit is to …

Episode 73 - Just Because Employees Have Access, Doesn't Mean They're Authorized

September 21st, 2017


This episode talk about business authorization and use of access within a business. Just because your employees have access to do their job, that does not necessarily mean they can use that access whenever they want. …

Episode 72 - CIS 17 Security Awareness

September 20th, 2017


Continuing with the Critical Security Controls Top 20 we are at number seventeen. This control talks about Security Awareness and education efforts …

Episode 71 - Learning From Equifax, Patch Your Systems

September 19th, 2017


The Equifax breach was the largest to date. As anyone in the security profession should do on a regular basis is learn from other's mistakes. As …

Episode 70 - Why The Equifax Breach Is So Dangerous For Everyone

September 18th, 2017


The Equifax breach is one of the largest thus far. Unlike other breaches this one could be far more damaging for people who had their data stolen. It …

Episode 69 - CIS 16 Account Monitoring

September 15th, 2017


Continuing in the Critical Security Controls Top 20 we are at number sixteen. This control covers Account Monitoring. This episode goes over the …

Episode 68 - The Top Ransomware Protection Tips

September 14th, 2017


Ransomware is a nasty piece of malware that can destroy all your data. There are a few things you can do that will greatly reduce the risk of you and your company getting infected by a ransomware attack. This episode …

Episode 67 - Passing A Compliance Audit Doesn't Mean You're Secure

September 13th, 2017


Compliance audits are checkbox reviews of itemized lists of things you should be doing. If you pass a compliance audit, so what? Compliant to a list …

Episode 66 - CIS 15 Wireless Access Control

September 12th, 2017


Continuing the Critical Security Control Top 20 we are at number fifteen. This one covers Wireless Access Control. Unlike your physical network, …

Episode 65 - IoT Strikes Again, Now It's Life And Death

September 11th, 2017


The Internet of Things strikes again. The security risks in the growing number of internet connected devices have reached a level where it's now life or death. Medical devices are now in the target of the criminals. How …

Episode 64 - Why You Should Use A Personal Password Vault

September 8th, 2017


Passwords are the weakest link in your security. Especially if you try to manage them yourself. All the sites you access your passwords are less than optimal. Reusing passwords, weak passwords, easy to socially engineer …

Episode 63 - CIS 14 Need To Know

September 7th, 2017


Next in the CSC CIS Top 20 is control fourteen. This is about Controlling Access Based On Need To Know. We all have seen a TV show or movie that has …

Episode 62 - Another Celebrity Hacked, It Can Be Prevented

September 6th, 2017


Another day, another celebrity social media account was hacked. This time it was Selina Gomez's Instagram account. Either they don't know or don't care but these celebrities can prevent this from happening. You can to. …

Episode 61 - CIS 13 Data Protection

September 5th, 2017


Continuing the CIS CSC Top 20 series we reach control thirteen. This control talks about Data Protection. In this episode the control details are …

Episode 60 - Security & Privacy, With A Creepy Story

September 1st, 2017


Security and privacy are two different things. One is about protection and the other about use. How does it apply to your data and where you share it? This episode goes into the differences and ends with a creepy story …

Episode 59 - CIS 12 Boundary Defense

August 31st, 2017


The next control in the Top 20 Critical Security Control series is number 12, Boundary Defense. Your perimeter is your wall. All data flows in and …

Episode 58 - Include Security In Your Business Strategic Planning

August 30th, 2017


Security teams are most often looked to after the fact. CISOs and security leaders need to be closer, if not involved, with the strategic planning …

Episode 57 - CIS 11 Network Device Configurations

August 29th, 2017


The next control in the Top 20 Critical Security Controls is number 11, Network Device Configurations. Much like your workstations and servers you …

Episode 56 - Security Tips From The Celebrity Nude Leaks

August 28th, 2017


Celebrities are high targets for hackers. Finances, reputation, and data that will always be popular are the reasons. In the recent celebrity hacking …

Episode 55 - You Should Inventory Your Home Devices

August 25th, 2017


As the internet connected devices grow in our homes it is becoming more important to keep track of them. This episode goes into the need of keeping an inventory of all your home devices and why.

The partner episode that …

Episode 54 - CIS 10 Data Recovery

August 24th, 2017


Continuing the CIS Top 20 series we have reached the half way point with number 10. Data recovery. Your business may have backups but CIS 10 goes into the necessity of testing and proving your recovery from those …

Episode 53 - Don't Neglect Your Company's Physical Security

August 23rd, 2017


Information security is more than than the technology components. The physical security around the technology is just as important. This episode goes …

Episode 52 - Why Phishing Is Still Successful

August 22nd, 2017


Phishing is still a primary tool for criminals to use to spread malware, ransomware and steal identities. Why? How can this still be a successful …

Episode 51 - How To Avoid Facebook Scams

August 21st, 2017


Facebook is part of most people's lives and that makes it a prime target for scammers. There are several ways scammers try to rip you off. This …

Episode 50 - IoT Strikes Again, Vulnerable Solar Panels

August 18th, 2017


The Internet of Things strikes again! The unregulated, unchecked security practices with putting internet access capability on a device will continue …

Episode 49 - Breached Passwords Should Never Be Used Again, By Anyone

August 17th, 2017


A new search tool has come out that allows you to search your password to see if it's part of a breach. Why? Because NIST has stated that breached …

Episode 48 - CIS 9 Network Limits

August 16th, 2017


Next up in the Critical Security Controls is number nine, Network Limits. Much like your users and computers the network should be in a Least …

Episode 47 - Why Healthcare Data Is Top Target For Cybercriminals

August 15th, 2017


Note, this episode is over the five minutes but it's an important topic. Healthcare data is the most sought after recored on the dark markets. Why? What can be done with it and why is it the top target? Listen to this …

Episode 46 - IoT Security Legislation Is Coming

August 14th, 2017


IoT manufacturers have shown that they are not the best security practitioners. The US government has taken notice and new legislation is being moved through to put those device manufacturers on the path of best …

Episode 45 - CSC 8 Malware Defense

August 11th, 2017


Next item in the CSC Top 20 series is control number eight, Malware Defense. Why is it so important and how can you use it to protect yourself? …

Episode 44 - Don't Skip The Security Basics

August 10th, 2017


With all the technology at our disposal breaches are still occurring at an unprecedented rate. Why? It may be that our programs are focusing on …

Episode 43 - Buy Your Devices From Trusted Sources

August 9th, 2017


We are trained to search for the best deals when we purchase items. When it comes to computers and gadgets this could be a risk to your security and …

Episode 42 - Breached Data Sells Quickly, Really Quickly

August 8th, 2017


The FTC conducted an experiment to see how PII is used in the Dark Web. The results are eye opening and shocking. Listen to hear how long stolen PII …

Episode 41 - CIS 7 Email and Browsers

August 7th, 2017


Next up in the Critical Security Controls is number seven, email and browsers. This control talks about closing the ability of easy access through …

Episode 40 - IoT Strikes Again, Roomba Is Selling You Out

August 4th, 2017


IoT Devices are everywhere and with little to no security and privacy control. Roomba, the little robot vacuum, maps your home to work properly. Now, …

Episode 39 - CIS 6 Audit Logs

August 3rd, 2017


The next item in the Critical Security Controls is number 6, Audit Log. Logs are only as good as the data recorded and how often you look at them. …

Episode 38 - 6 BILLION records... in the first six months of 2017

August 2nd, 2017


In the first six months of 2017 a report showed there has been 6 BILLION records breached. This episode breaks down where these came from, how, and what you can do from reports like this.

Article - 

Episode 37 - Refresh Your Security Policies More Often

August 1st, 2017


Every security program has a set of policies. How often are you actually reviewing them for their effectiveness and accuracy? The world is changing …

Episode 36 - CIS 5 Controlling Administrative Accounts

July 31st, 2017


Continuing the breakdown of the CIS Top 20 Critical Security Controls the next one on the list is number 5, Controlling Administrative Accounts. The …

Episode 35 - Risk Management Is Not Your Excuse Maker

July 28th, 2017


Risk Management has a purpose within a security program. One of those is not to be used as your excuse to not do something. Accepting risk because lack of funds or desire to move forward is unacceptable... and risky. 

Episode 34 - CIS 4 Continuous Vulnerability Assessments

July 27th, 2017


Moving on in the CIS Top 20 the next up is number 4. Continuous Vulnerability Assessments. Monitoring your environment and systems for holes is a …

Episode 33 - IoT Security Failures Strike Again, This Time A Fish Tank

July 26th, 2017


Internet of Things is a craze to get everything on the Internet. However the rush to build has left security practices behind. Time and time again it's shown that IoT poses a security risk for everyone. This episode …

Episode 32 - Cyber Security Mistakes That Can Bite Your Business

July 25th, 2017


Cyber Security is a difficult practice to master. You may have components today but overlooking a few simple areas can come back and bite you in bad …

Episode 31 - Identity Management & HR, A Partnership For Success

July 24th, 2017


Security programs rely on user adoption and many times security projects are pushed back on from the changes they introduce. HR on the other hand seems to be able to do whatever they want. Use that to your advantage in …

Episode 30 - Check Your Wi-Fi Regularly

July 21st, 2017


We all have a Wi-Fi router in our homes but not everyone checks them regularly. Listen to the things you should review and why it's an important …

Episode 29 - CIS 3 Secure Configurations

July 20th, 2017


Next up in the CSCX Top 20 is number three, Secure Configurations. After you get your hardware and software inventories you need to ensure they are configured properly and consistently. This episode breaks it down.

Be …

Episode 28 - Dark Web Scanner - Matchlight

July 19th, 2017


Breaches occur more often than you realize, but they all aren't publicized. A service I use called Matchlight scans your personal information in the …

Episode 27 - Learn To Use The Have I Been Pwned Website

July 18th, 2017


With all the breaches that occur it's hard to keep track of them all. There's a website from a security professional that allows you to search your …

Epsiode 26 - Close Those Old Accounts

July 17th, 2017


We all have accounts on websites that we have long forgotten. Each one of those is a potential security risk for you left untouched. How can you keep …

Episode 25 - CIS 2 Inventory of Software

July 14th, 2017


The next Critical Security Control is number 2, Inventory of Software. What is it? How would you go about implementing this and what are they ways it …

Episode 24 - Treat Airline Boarding Passes Like Gold

July 13th, 2017


When you travel you need a pass to get through security and to your seat. Those little slips of paper could be very dangerous to your private …

Episode 23 - Reduce Insider Threats Through Employee Engagement

July 12th, 2017


Insider threats are just a big a concern for security teams as the outside word. How do you reduce the insider threats? Why is a challenge? This episode I talk about how employee engagement can do just that.

Be aware, …

Episode 22 - CIS 1 Inventory Of Devices

July 11th, 2017


We begin the CIS CSC Top 20 breakdown with control number one. Inventory of authorized and unauthorized devices. What does it mean? How do you …

Episode 21 - Security is Everyone's Problem, Let's Help Each Other

July 10th, 2017


The recent ransomeware attacks should open the conversation that security is everyone's problem. Attacks like this can impact everyone and we need to …

Episode 20 - Intro To The CIS Top 20

July 7th, 2017


Security professionals don't make policies and rules for the fun of it. There's a method to their madness. The Center of Internet Security created a …

Episode 19 - A Security Tip Everyone Should Do But Most Don't

July 6th, 2017


This episode give you a very simple security tip to help you react to personal security events. Everyone should be doing this with their personal …

Episode 18 - How To Avoid The Latest Ransomware

July 5th, 2017


There is another widespread ransomware attack going on around the globe. This episode covers where this ransomware came from, how it's spread and how you can avoid getting hit? 

MS 17-010 Patch

Episode 17 - IRS Telephone Scam Breakdown

July 3rd, 2017


There's a popular scam where criminal call you pretending to be the IRS and saying you owe money. If you don't pay they will issue an arrest warrant. …

Episode 16 - E-Cigs, Unhealthy For Your Security

June 30th, 2017


Who would have thought E-Cigs could also be bad for your IT Security health? They could be, listen to find out how.

Be aware, be safe.

Website - 

Epsiode 15 - Tips To Help Identify A Phishing Email

June 29th, 2017


Phishing emails try to trick you to take the bait, click a link and enter data to a criminal site that looks legitimate. Here are some tips on how to identify the easy red flags to make you stop and think about it …

Episode 14 - Phishing For Selfies

June 28th, 2017


Phishing emails get more complex and clever each day. A new one has surfaced that tries to trick people to send in selfies holding credit cards and …

Episode 13 - Start Using A Private VPN

June 27th, 2017


In the increasing drive to collect and sell your Internet browsing data it's more important to protect your privacy. Using a Private VPN on your …

Episode 12 - Smartphone Security Basics

June 26th, 2017


We all have smartphones but we all don't secure them the same way or properly. Today we talk about a few basic security steps you can take to make your phone far more secure. 

Be aware, be safe.

Website - 

Episode 11 - Are You Worried About Employee Home Security Yet?

June 23rd, 2017


As the lines continue to blur between corporate to home to cloud employee's personal security posture can pose a new risk with corporate assets and data. Are you starting to think about extending your reach into other …

Episode 10 - The Most Dangerous Object In A Security Program

June 22nd, 2017


There is one item, if used regularly in a security program, will cause your program to fail. What is this item? Tune in and hear what it is and why …

Episode 9 - Backup Your Files, Now

June 21st, 2017


The most under appreciated process most people do not do regularly or at all. Backing up your files. Everyone will hit a moment when your tech will …

Episode 8 - Avoid Being A Victim Of Crimes Of Opportunity

June 20th, 2017


Crimes of opportunity are quick, unplanned moments by criminals that see an easy opportunity to steal your items. Simple steps can help you avoid simple yet damaging crimes.

Be aware, be safe.

Website - 

Episode 7 - The Email Worth Millions

June 19th, 2017


Hear about one email turned out to be worth $1.9 million dollars in a very bad way. The CEO Phishing scam strikes again!

Be aware, be safe.

Website - 

Episode 6 - Breaches Are Not Only External

June 16th, 2017


When you hear the word breach most think about an external attack. This is not always the case, you can be breached and have no systems compromised. 

Be aware, be safe.

Website -

Twitter - 

Episode 5 - The Next Evolution Of The Password

June 15th, 2017


NIST (The National Institute of Standards and Technology) have taken steps to eliminate the password for the next evolution of security. Out with …

Episode 4 - Security Mistakes You Are Making Today

June 14th, 2017


We don't know each other but I can guess you are making one or more of these security mistakes. The reality is that fixing these are easy and will greatly improve your personal security posture. 

Be aware, be safe. 

Episode 3 - A Company Is Almost Destroyed By A Former Administrator

June 13th, 2017


A former administrator almost takes down an entire company through his actions. What went wrong? What were the security gaps that allowed this to …

Episode 2 - What Is The Security CIA Triad?

June 12th, 2017


A 5 minute explanation of the core component of security, the CIA triad. Confidentiality, Integrity and Availability. Everything in security can be traced back to one of those three categories. 

Be aware, be safe.

Episode 1 - The Introduction Episode

June 9th, 2017


The first episode of Security In 5, the podcast talking about security issues, tips and opinions in about five minutes. In the introduction episode Drew The Binary Blogger goes into his security background and talks …

Loading ...

Are you the creator of this podcast?

Verify your account

and pick the featured episodes for your show.

Listen to Security In Five Podcast


A free podcast app for iPhone and Android

  • User-created playlists and collections
  • Download episodes while on WiFi to listen without using mobile data
  • Stream podcast episodes without waiting for a download
  • Queue episodes to create a personal continuous playlist
RadioPublic on iOS and Android
Or by RSS
RSS feed

Connect with listeners

Podcasters use the RadioPublic listener relationship platform to build lasting connections with fans

Yes, let's begin connecting
Browser window

Find new listeners

  • A dedicated website for your podcast
  • Web embed players designed to convert visitors to listeners in the RadioPublic apps for iPhone and Android
Clicking mouse cursor

Understand your audience

  • Capture listener activity with affinity scores
  • Measure your promotional campaigns and integrate with Google and Facebook analytics
Graph of increasing value

Engage your fanbase

  • Deliver timely Calls To Action, including email acquistion for your mailing list
  • Share exactly the right moment in an episode via text, email, and social media
Icon of cellphone with money

Make money

  • Tip and transfer funds directly to podcastsers
  • Earn money for qualified plays in the RadioPublic apps with Paid Listens