Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More... - SWN #483
Security Weekly Podcast Network (Video)
Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes:
info_outline
Updating & Protecting Linux Systems - PSW #877
Security Weekly Podcast Network (Video)
Two parts to this episode: Tech Segment: Updating Linux Systems - Beyond apt-get upgrade * Custom scripts for ensuring your Linux systems are up-to-date * topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions Discussion Topic: Anti-Malware and/or EDR on Linux Platforms * PCI calls for scanning Linux systems * What tools exist for analyzing Linux systems? (AIDE, uac, chkrootkit) * Best Anti-Malware for Linux - Commercial tools, open-source, both, none? * ClamAV - fa-notify and the dangers Show Notes:
info_outline
Regain Control of Business Risks, Your Leadership Habits, and Being Present - Alla Valente - BSW #398
Security Weekly Podcast Network (Video)
During times of volatility, business leaders often don’t know what they are able to change or even what they should change. At precisely these times, business leaders become risk leaders and need to quickly learn how to identify what is within their control and what isn’t — to not only survive but thrive. Alla Valente, Principal Analyst at Forrester Research, joins Business Security Weekly to discuss how to Regain Control Over Business Risk With The Three E’s Framework, a report that provides a framework for identifying what is controllable and how to be smart when dealing with...
info_outline
Bovril, Deranged, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet... - SWN #482
Security Weekly Podcast Network (Video)
Bovril, Deranged Hookworm, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet, and more on the Security Weekly News. Show Notes:
info_outline
AIs, MCPs, and the Acutal Work that LLMs Are Generating - ASW #333
Security Weekly Podcast Network (Video)
The recent popularity of MCPs is surpassed only by the recent examples deficiencies of their secure design. The most obvious challenge is how MCPs, and many more general LLM use cases, have erased two decades of security principles behind separating code and data. We take a look at how developers are using LLMs to generate code and continue our search for where LLMs are providing value to appsec. We also consider what indicators we'd look for as signs of success. For example, are LLMs driving useful commits to overburdened open source developers? Are LLMs climbing the ranks of bug bounty...
info_outline
Building Cyber Resilience: AI Threats, Mid-Market Risks & Ransomware Trends - Eyal Benishti, Chris Peluso, Chad Alessi, Tony Anscombe, Karl Van den Bergh, Nick Carroll - ESW #409
Security Weekly Podcast Network (Video)
Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what’s keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. This segment is sponsored by CTG. Visit to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging...
info_outline
Edge, Safari, CISO Pay and Loathing, Fake AI, ASUS, OneDrive, Manus, Aaran Leyland... - SWN #481
Security Weekly Podcast Network (Video)
Edge, Safari, CISO Pay and Loathing, Fake AI, ASUS, OneDrive, Manus, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes:
info_outline
It's A Trap! - PSW #876
Security Weekly Podcast Network (Video)
In the security news: Vicious Trap - The malware hiding in your router Hacking your car WSL is open-source, but why? Using AI to find vulnerabilities - a case study Why you should not build your own password manager The inside scoop behind Lumma Infostealer Hacking a smart grill Hardcoded credentials on end of life routers and "Alphanetworks" SIM swapping is still happening LoRa for C2 Russian drones use Telegram Flipper Zero mod for the LOLZ Signal blocks Recall CISA loses more people Show Notes:
info_outline
Quantum Readiness & Zero Trust: Strategies to Strengthen Digital Resilience - Amit Sinha, Chris Hickman, Albert Estevez Polo, Jordan Avnaim - BSW #397
Security Weekly Podcast Network (Video)
This segment explores how automated microsegmentation addresses critical Zero Trust gaps overlooked by traditional access controls and legacy segmentation solutions. We'll examine the limitations of perimeter-based defenses in today's dynamic threat landscape and reveal how automated microsegmentation enhances network security beyond conventional firewalls. From cutting-edge innovations to expert insights, discover what security leaders should prioritize to stay ahead of evolving threats. This segment is sponsored by Zero Networks. Visit to learn more about them! In this segment, Keyfactor...
info_outline
AP Tests, Hyper-V, Notepad, Google, Nova Scotia, NHI, Bond, Josh Marpet, and more... - SWN #480
Security Weekly Podcast Network (Video)
AP Tests, Hyper-V, Notepad, Google, Nova Scotia, NHI, Bond, Josh Marpet, and more on the Security Weekly News. Show Notes:
info_outlineIn the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring, and more!
Next, pre-recorded interviews from RSAC Conference 2025, including:
This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinetrsac to learn more about them!
Unpacking the latest annual report from Fortinet's FortiGuard Labs. We're talking with Derek Manky, Chief Security Strategist and Global VP Threat Intelligence, Fortinet’s FortiGuard Labs, to get a snapshot of the active threat landscape and trends from 2024, including a comprehensive analysis across all tactics used in cyberattacks, as outlined in the MITRE ATT&CK framework. The report reveals that threat actors are increasingly harnessing automation, commoditized tools, and AI to systematically erode the traditional advantages held by defenders.
Read the full report at https://securityweekly.com/fortinetrsac.
This segment is sponsored by Cobalt. Visit https://securityweekly.com/cobaltrsac to learn more about them!
In this interview, Gunter Ollmann, Chief Technology Officer at Cobalt, unpacks the findings from the State of Pentesting Report 2025, spotlighting both measurable security progress and the rising challenges introduced by generative AI (genAI). While the report shows that organizations are resolving vulnerabilities faster than ever, genAI systems stand out as a growing security blind spot: only 21% of serious genAI vulnerabilities identified during penetration testing are fixed, compared to over 75% for API flaws and 68% for cloud vulnerabilities. Nearly 32% of genAI-related findings were classified as high risk — more than double the average across other systems. And although 98% of organizations are adopting genAI-powered features, only 66% are running regular security assessments on those systems.
Segment Resources: https://www.cobalt.io/blog/key-takeaways-state-of-pentesting-report-2025 https://resource.cobalt.io/state-of-pentesting-2025?gl=1*zwbjgz*gclaw*R0NMLjE3MzcwNTU5ODMuQ2owS0NRaUEtYUs4QmhDREFSSXNBTF8tSDltRlB0X2FmSVhnQnBzSjYxOHlRZ1dhcmRMQ0lHalo3eVgxcTh1cHVnWFVwV0todHFPSDFZZ2FBb0hNRUFMd193Y0I.*gcl_au*MTc4MjQwMTAwNC4xNzQ0NjM0MTgz
Show Notes: https://securityweekly.com/bsw-395