loader from loading.io

tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417

Security Weekly Podcast Network (Audio)

Release Date: 07/28/2025

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More... - SWN #503 show art Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More... - SWN #503

Security Weekly Podcast Network (Audio)

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Visit for all the latest episodes! Show Notes:

info_outline Hackberry PIs and Other Hacker Things - PSW #887 show art Hackberry PIs and Other Hacker Things - PSW #887

Security Weekly Podcast Network (Audio)

We kick things off with a deep dive into the Hackberry PI and how to build one. Then in the security news: Will Perplexity buy Chrome? ESP32 Bus Pirates Poisoned telemetry Docker image security Fully Open Source Quantum Sensors Securing your car, Flippers, and show me the money Bringing your printer and desktop to Starbucks Paying a ransom? You need approval AI: Shield or Spear? No authentication? That's a problem Transient Bugs: A realistic threat? You can run Linux And who still uses AOL dial-up? Visit for all the latest episodes! Show Notes:

info_outline Defending Trust & Reputation as CISOs and Leaders Prepare Their AI Strategy - Santosh Nair - BSW #408 show art Defending Trust & Reputation as CISOs and Leaders Prepare Their AI Strategy - Santosh Nair - BSW #408

Security Weekly Podcast Network (Audio)

As brands grow more digital, the threats grow more personal. Attackers impersonate executives, spin up fake websites, and leak sensitive data — hurting business reputations and breaking customer trust. How do you defend your organization's reputation and customers' trust? Santosh Nair, Co-Founder and CTO at Styx Intelligence, joins Business Security Weekly to discuss how to defend trust and reputation in the age of AI. Santosh will cover both the company and executive challenges of defending against the latest AI attacks, including: Impersonations and Deepfakes Employee Scams Financial...

info_outline 300 Baud, Buddy Hackett Nudes, Dell, badUSB, Exchange, Erlang/OTP, Josh Marpet... - SWN #502 show art 300 Baud, Buddy Hackett Nudes, Dell, badUSB, Exchange, Erlang/OTP, Josh Marpet... - SWN #502

Security Weekly Podcast Network (Audio)

300 Baud, Buddy Hackett Nudes, Dell, badUSB, Exchange, Erlang/OTP, Josh Marpet, and more on the Security Weekly News. Visit for all the latest episodes! Show Notes:

info_outline The Future of Supply Chain Security - Janet Worthington - ASW #343 show art The Future of Supply Chain Security - Janet Worthington - ASW #343

Security Weekly Podcast Network (Audio)

Open source software is a massive contribution that provides everything from foundational frameworks to tiny single-purpose libraries. We walk through the dimensions of trust and provenance in the software supply chain with Janet Worthington. And we discuss how even with new code generated by LLMs and new terms like slopsquatting, a lot of the most effective solutions are old techniques. Resources Show Notes:

info_outline ESW at BlackHat and the weekly enterprise security news - ESW #419 show art ESW at BlackHat and the weekly enterprise security news - ESW #419

Security Weekly Podcast Network (Audio)

Topic Segment - What's new at Black Hat? We're coming live from hacker summer camp 2025, so it seemed appropriate to share what we've seen and heard so far at this year's event. Adrian's on vacation, so this episode is featuring Jackie McGuire and Ayman Elsawah! News Segment Then, in the enterprise security news, Tons of funding! SentinelOne picks up an AI security company weeks after Palo Alto closes the Protect AI deal Vendors shove AI agents into everything they’ve got Why SOC analysts ignore your playbooks NVIDA pinkie swears to China: no back doors! ChatGPT was allowing shared chat...

info_outline SonicWall, Informants Exposed, Cisco Vishing, Perplexity, GPT‑5, Josh Marpet–SWN #501 - SWN #501 show art SonicWall, Informants Exposed, Cisco Vishing, Perplexity, GPT‑5, Josh Marpet–SWN #501 - SWN #501

Security Weekly Podcast Network (Audio)

This week we have, SonicWall, Confidential Informants Exposed, Cisco Vishing, Perplexity vs robots.txt, Microsoft’s Project Ire, Meta–Flo Jury Verdict, GPT‑5 Lands, TeaOnHer Data Leak, Josh Marpet, and more on the Security Weekly News.. Visit for all the latest episodes! Show Notes:

info_outline Devices Are Attacking - PSW #886 show art Devices Are Attacking - PSW #886

Security Weekly Podcast Network (Audio)

Why should hate AI When firmware attacks The 300 second breach Old ways still work, AI might help And so begins the crawler wars Turn off your SonicWall VPN Your Pie may be wrapped in PII Attackers will find a way Signed kernel drivers D-Link on the KEV Rasperry PIs attack Stealthy LoRa LLM's don't commit code, people do Jame's Bond style rescue with drones SRAM has no chill In the full view of the public... Visit for all the latest episodes! Show Notes:

info_outline Say Easy, Do Hard - AI Governance in the Supply Chain - Richard Bird, Nick Mistry - BSW #407 show art Say Easy, Do Hard - AI Governance in the Supply Chain - Richard Bird, Nick Mistry - BSW #407

Security Weekly Podcast Network (Audio)

Recent findings of AI ecosystem insecurities and attacks show the importance of needing AI governance in the supply chain. And this supply chain is rapidly expanding to include not only open-source software but also collaborative platforms where custom models, agents, prompts, and other AI resources are used. And with this expansion of third-party AI component and services use comes an expanded security threat often not included in traditional supply chain management processes. It's time to update our supply chain management process to include AI governance. Easier said than done. In this Say...

info_outline MFA Bypass, SonicWall, BIOS Shade, Sex Toys, FBI Warning, Claude v GPT-5, Josh Marpet - SWN #500 show art MFA Bypass, SonicWall, BIOS Shade, Sex Toys, FBI Warning, Claude v GPT-5, Josh Marpet - SWN #500

Security Weekly Podcast Network (Audio)

MFA Bypass, SonicWall, BIOS Shade, Sex Toys, FBI Warnings, Claude vs GPT-5, Josh Marpet, and more on the Security Weekly News. Visit for all the latest episodes! Show Notes:

info_outline
 
More Episodes

Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis

Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident. It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments.

Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait.

Topic Segment - Should the US Go on the Cyber Offensive?

Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes.

News Segment

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-417