Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More... - SWN #483
Security Weekly Podcast Network (Video)
Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes:
info_outline
Updating & Protecting Linux Systems - PSW #877
Security Weekly Podcast Network (Video)
Two parts to this episode: Tech Segment: Updating Linux Systems - Beyond apt-get upgrade * Custom scripts for ensuring your Linux systems are up-to-date * topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions Discussion Topic: Anti-Malware and/or EDR on Linux Platforms * PCI calls for scanning Linux systems * What tools exist for analyzing Linux systems? (AIDE, uac, chkrootkit) * Best Anti-Malware for Linux - Commercial tools, open-source, both, none? * ClamAV - fa-notify and the dangers Show Notes:
info_outline
Regain Control of Business Risks, Your Leadership Habits, and Being Present - Alla Valente - BSW #398
Security Weekly Podcast Network (Video)
During times of volatility, business leaders often don’t know what they are able to change or even what they should change. At precisely these times, business leaders become risk leaders and need to quickly learn how to identify what is within their control and what isn’t — to not only survive but thrive. Alla Valente, Principal Analyst at Forrester Research, joins Business Security Weekly to discuss how to Regain Control Over Business Risk With The Three E’s Framework, a report that provides a framework for identifying what is controllable and how to be smart when dealing with...
info_outline
Bovril, Deranged, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet... - SWN #482
Security Weekly Podcast Network (Video)
Bovril, Deranged Hookworm, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet, and more on the Security Weekly News. Show Notes:
info_outline
AIs, MCPs, and the Acutal Work that LLMs Are Generating - ASW #333
Security Weekly Podcast Network (Video)
The recent popularity of MCPs is surpassed only by the recent examples deficiencies of their secure design. The most obvious challenge is how MCPs, and many more general LLM use cases, have erased two decades of security principles behind separating code and data. We take a look at how developers are using LLMs to generate code and continue our search for where LLMs are providing value to appsec. We also consider what indicators we'd look for as signs of success. For example, are LLMs driving useful commits to overburdened open source developers? Are LLMs climbing the ranks of bug bounty...
info_outline
Building Cyber Resilience: AI Threats, Mid-Market Risks & Ransomware Trends - Eyal Benishti, Chris Peluso, Chad Alessi, Tony Anscombe, Karl Van den Bergh, Nick Carroll - ESW #409
Security Weekly Podcast Network (Video)
Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what’s keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. This segment is sponsored by CTG. Visit to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging...
info_outline
Edge, Safari, CISO Pay and Loathing, Fake AI, ASUS, OneDrive, Manus, Aaran Leyland... - SWN #481
Security Weekly Podcast Network (Video)
Edge, Safari, CISO Pay and Loathing, Fake AI, ASUS, OneDrive, Manus, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes:
info_outline
It's A Trap! - PSW #876
Security Weekly Podcast Network (Video)
In the security news: Vicious Trap - The malware hiding in your router Hacking your car WSL is open-source, but why? Using AI to find vulnerabilities - a case study Why you should not build your own password manager The inside scoop behind Lumma Infostealer Hacking a smart grill Hardcoded credentials on end of life routers and "Alphanetworks" SIM swapping is still happening LoRa for C2 Russian drones use Telegram Flipper Zero mod for the LOLZ Signal blocks Recall CISA loses more people Show Notes:
info_outline
Quantum Readiness & Zero Trust: Strategies to Strengthen Digital Resilience - Amit Sinha, Chris Hickman, Albert Estevez Polo, Jordan Avnaim - BSW #397
Security Weekly Podcast Network (Video)
This segment explores how automated microsegmentation addresses critical Zero Trust gaps overlooked by traditional access controls and legacy segmentation solutions. We'll examine the limitations of perimeter-based defenses in today's dynamic threat landscape and reveal how automated microsegmentation enhances network security beyond conventional firewalls. From cutting-edge innovations to expert insights, discover what security leaders should prioritize to stay ahead of evolving threats. This segment is sponsored by Zero Networks. Visit to learn more about them! In this segment, Keyfactor...
info_outline
AP Tests, Hyper-V, Notepad, Google, Nova Scotia, NHI, Bond, Josh Marpet, and more... - SWN #480
Security Weekly Podcast Network (Video)
AP Tests, Hyper-V, Notepad, Google, Nova Scotia, NHI, Bond, Josh Marpet, and more on the Security Weekly News. Show Notes:
info_outlineIn the news, Coinbase deals with bribes and insider threat, the NCSC notes the cross-cutting problem of incentivizing secure design, we cover some research that notes the multitude of definitions for secure design, and discuss the new Cybersecurity Skills Framework from the OpenSSF and Linux Foundation. Then we share two more sponsored interviews from this year's RSAC Conference.
With more types of identities, machines, and agents trying to access increasingly critical data and resources, across larger numbers of devices, organizations will be faced with managing this added complexity and identity sprawl. Now more than ever, organizations need to make sure security is not an afterthought, implementing comprehensive solutions for securing, managing, and governing both non-human and human identities across ecosystems at scale.
This segment is sponsored by Okta. Visit https://securityweekly.com/oktarsac to learn more about them!
At Mend.io, we believe that securing AI-powered applications requires more than just scanning for vulnerabilities in AI-generated code—it demands a comprehensive, enterprise-level strategy. While many AppSec vendors offer limited, point-in-time solutions focused solely on AI code, Mend.io takes a broader and more integrated approach.
Our platform is designed to secure not just the code, but the full spectrum of AI components embedded within modern applications. By leveraging existing risk management strategies, processes, and tools, we uncover the unique risks that AI introduces—without forcing organizations to reinvent their workflows. Mend.io’s solution ensures that AI security is embedded into the software development lifecycle, enabling teams to assess and mitigate risks proactively and at scale.
Unlike isolated AI security startups, Mend.io delivers a single, unified platform that secures an organization’s entire codebase—including its AI-driven elements. This approach maximizes efficiency, minimizes disruption, and empowers enterprises to embrace AI innovation with confidence and control.
This segment is sponsored by Mend.io. Visit https://securityweekly.com/mendrsac to book a live demo!
Show Notes: https://securityweekly.com/asw-331