Season 3, EP 2
A Closer Look at the Enduring Security Framework’s Guidance
October 26, 2022
We chatted with ReversingLabs Field CISO Matthew Rose about the ESF’s new guidance on software supply chain security.
Cyber Content Lead at ReversingLabs. Paul is a reporter, editor and industry analyst with 20 years’ experience covering the cyber security space. He is the founder and editor in chief at The Security Ledger, a cybersecurity news website. His writing about cyber security has appeared in publications including Forbes, The Christian Science Monitor, MIT Technology Review, The Economist Intelligence Unit, CIO Magazine, ZDNet and Fortune Small Business. He has appeared on NPR’s Marketplace Tech Report, KPCC AirTalk, Fox News Tech Take, Al Jazeera and The Oprah Show. You can find Paul online on Twitter (@paulfroberts and on LinkedIn).
Continue reading
Season 3, EP 1
Don’t Sleep on SBOMs
October 12, 2022 | Paul Roberts
We chatted with ReversingLabs Software Assurance Evangelist Charlie Jones about all-things SBOM.
Season 2, EP 7
Hunting Follina
September 7, 2022 | Paul Roberts
We chatted with ReversingLabs Malware Researcher Joseph Edwards about his research on the Follina Exploit.
Season 2, EP 6
Leveraging YARA
August, 2022 | Paul Roberts
We chatted with ReversingLabs Malware Researcher Hrvoje Samardžić and Roman Hüssy of Abuse.ch about YARAify, which aids threat hunting operations.
Season 2, EP 5
Lessons Learned from CI/CD Compromises
August, 2022 | Paul Roberts
We chatted with researchers Iain Smart & Viktor Gazdag of NCC Group about their research into attacks on CI/CD pipelines.
Season 2, EP 4
Déjà Vu: Uncovering Stolen Algorithms in Commercial Products
August, 2022 | Paul Roberts
We chatted with Black Hat Speaker Patrick Wardle who joined us to talk about unauthorized algorithm use.
Season 2, EP 3
Not All Developers Can Be Security Jedis
August, 2022 | Paul Roberts
We chatted with Black Hat Speaker Adam Shostack about the need for better developer training.
Season 2, EP 2
IconBurst - The Newest Software Supply Chain Attack
July, 2022 | Paul Roberts
We chatted with ReversingLabs Reverse Engineer Karlo Zanki about how he discovered IconBurst.
Season 2, EP 1
Smash and Grab - AstraLocker Breach
July, 2022 | Paul Roberts
We chatted with ReversingLabs Malware Researcher Joseph Edwards about his research on AstraLocker 2.0.
Season 1, EP 8
Bryson Bort of Scythe.io talks about the Colonial Pipeline attack and the lessons learned from the crippling ransomware attack a year ago
June, 2022 | Paul Roberts
Bryson Bort is a cybersecurity industry leader with experience in both the public and private sectors. He is the founder and CEO of Scythe.io, which performs high-level vulnerability assessments. He is also the co-founder of the ICS Village, a non-profit organization that builds critical infrastructure (CI) and presents it at various conferences. The non-profit also offers guidance and resources for IT practitioners.
Bort’s experiences made him the perfect fit to moderate a highly anticipated session at this year’s RSA Conference in San Francisco: Colonial Pipeline - What Happened, What Changed, featuring panelists from government, the media, and the fuel industry. ConversingLabs podcast host Paul Roberts checked in with Bort during this year’s conference to talk about the panel discussion, and the lessons learned from the Colonial Pipeline incident - including the need for closer scrutiny of critical infrastructure and the limits of voluntary, industry-driven standards for cybersecurity.
