Security Ledger is an independent security news website that explores the intersection of cyber security with business, commerce, politics and everyday life. Security Ledger provides well-reported and...

FAQs about The Security Ledger Podcast:
How many episodes does The Security Ledger Podcast have?
The podcast currently has 274 episodes available.

October 27, 2017
Episode 68: Hack Back, Mr. Robot and Spotting Sophisticated Hacks
We talk with Gadi Evron of Cymmetria, which released Mazehunter, a targeted hack-back tool, this week, about going on offense and staying on the right side of the law. Also: Ryan Kazanciyan of Tanium is one of the talented hackers who help design Mr. Robot's super-realistic hacking scenes. We talk with him about bringing realistic hacks alive on the small screen. And: when Uncle Sam dishes the dirt on a state-sponsored campaign against critical infrastructure, what are companies supposed to do with the information? Mark Dufresne of the firm Endgame and Itzik Kotler of the firm Safebreach give us their thoughts. (44 min)

October 19, 2017
Episode 67: KRACK Wi-Fi Vulnerability, Fast Flux Botnets and Open Source Debt
Security Ledger Editor in Chief Paul Roberts talks about the recently discovered KRACK security hole in Wi-Fi Protected Access with Bob Rudis of Rapid7. Bob has some simple ideas to protect yourself from KRACK attacks. Also: Or Katz of Akamai discusses that firm's research into fast flux botnets, which morph and evolve to evade detection. Finally, Tim Jarrett of CA-Veracode talks about research in Apache Commons Collections, a common and vulnerable open source library that is used in millions of applications. (38 min)

October 11, 2017
Episode 66: Kaspersky's Cold War(e), encryption backdoors and IoT Legislation
Security Ledger Editor Paul Roberts speaks with Dave Aitel of Immunity Inc. about the controversy swirling around Russian antivirus firm Kaspersky Lab. Also: Bruce Schneier weighs in on the latest salvo in the war over strong encryption. Finally: Josh Corman of the firm PTC talks about recent hearings on Capitol Hill about guidelines for securing connected devices. (43 min)

October 02, 2017
Episode 65: From the Outside In - Looking at firms like Deloitte through the Eyes of Hackers
Security Ledger Editor in Chief Paul Roberts discusses the breach at Deloitte and what can be learned about corporations' security just by looking at them through the eyes of a hacker. His guests are Dan Tentler of the firm Phobos, who uncovered some embarrassing security lapses at Deloitte, and Stephen Boyer of the firm BitSight, which rates companies based on their security posture. (44 min)

September 25, 2017
Episode 64: CCleaner Supply Chain Attack and can Amazon Alexa tell you you've been hacked?
Security Ledger Editor in Chief Paul Roberts discusses last week's attack on the security software CCleaner with Michael Gorelik, the Chief Technology Officer at the firm Morphisec, which discovered the compromise. He says that CCleaner may be the tip of the iceberg in supply chain attacks. Also: Paul talks with Grant Wernick of Insight Engines about his company's integration with Splunk and Amazon's Echo. Are voice-based interfaces the future of security? (40 min)

September 18, 2017
Episode 63: Equifax Deep Dive and CSO Qualifications
Security Ledger editor Paul Roberts takes a deep dive into the controversy surrounding data broker Equifax, speaking with experts from the firm Signal Sciences about why web application hacks are so common, and talking with Black Duck about the difficulty companies have keeping tabs on their open source software use. In our final segment, Paul speaks with Deidre Diamond of the placement firm CyberSN and Chris Roberts (@sidragon1) about the controversy surrounding Equifax's CSO's background in music composition, and about what qualities and qualifications make for a good security officer. (1 h 1 min)

September 11, 2017
Episode 62: Equifax Breach, Facebook Fake News and ASPertise
Security Ledger Editor in Chief Paul Roberts talks the news of the week, including Robert "RSnake" Hansen on the Equifax data breach, Chris Sumner of Online Privacy Association on Facebook's analysis of fake news operations, and ASPertise: a consulting firm that specializes in hiring professionals with Asperger's and autism spectrum disorders. (43 min)

September 04, 2017
Episode 61: Right to Repair Laws, Detecting Spear Phishing and DVR Torture
Security Ledger's Paul Roberts talks with Kyle Wiens of Repair.org about efforts in Massachusetts and other states to pass 'right to repair' laws covering a wide range of connected and Internet of Things devices. Also: Facebook awarded its $100,000 Internet Defense prize to a team from UC Berkeley that came up with a better way to spot spear phishing campaigns. And: Johannes Ullrich of The SANS Internet Storm Center talks about his experiment to see how common attacks on Internet-connected Digital Video Recorders are. The results may surprise you. (22 min)

August 25, 2017
Episode 60: Maritime Hacking, IoT Cyber Safety Law and Teaching Security
Security Ledger Editor in Chief Paul Roberts speaks with maritime cyber security expert Ruben Santamarta of IOActive about the recent spate of US Navy collisions and whether hacking may have played a role. Also: Alan Brill of Kroll's cyber security division talks about pending legislation on Capitol Hill that would set standards for the Internet of Things. Finally, Paul speaks with Mary Loughlin of the firm Veracode about a recent survey that found almost two thirds of computer science graduates don't believe their security education prepared them for their current job. (49 min)

August 14, 2017
Episode 59: Are Schools and Colleges Dumping Student Data? Also: was Devil's Ivy a Dud?
Security Ledger publisher and Editor in Chief Paul Roberts speaks to Leah Figueroa, a Texas-based researcher who warns that colleges and universities, maybe even K-12 school districts, regularly divulge reams of student data to whomever asks, some of it so-called personally identifying information, or PII. Also: Paul talks with Assaf Harel about the future of the "Devil's Ivy" vulnerability in gSOAP. Will it lead to the next Mirai botnet? Finally, Ashwin Almad of Endgame talks about a new Forrester survey that finds companies struggling to find the people and tools to prevent hacks and data leaks. (28 min)