Donut Holes, clickfix, rapperbots, bad devs, war, Doug Rants about Backups, and More. - SWN #487
Security Weekly Podcast Network (Video)
Donut Holes, clickfix, rapperbots, bad devs, war, Doug Rants about Backups, and More on this episode of the Security Weekly News. Show Notes:
info_outline
Hacking Drivers - PSW #879
Security Weekly Podcast Network (Video)
This week: * The true details around Salt Typhoon are still unknown * The search for a portable pen testing device * Directories named "hacker2" are suspicious * Can a $24 cable compete with a $180 cable? * Hacking Tesla wall chargers * Old Zyxel exploits are new again * Hacking Asus drivers * Stealing KIAs - but not like you may think * Fake articles * Just give everything to LLMs, like Nmap * Retiring Floppy disks * An intern leaked secrets * Discord link hijacking * Cray vs. Raspberry PI * More car hacking with BMW Show Notes:
info_outline
CISO Cyber Insurance Empowerment - Peter Hedberg, Stephan Jou, Morey Haber - BSW #400
Security Weekly Podcast Network (Video)
Segment description coming soon! This month BeyondTrust released it's 12th annual edition of the Microsoft Vulnerabilities Report. The report reveals a record-breaking year for Microsoft vulnerabilities, and helps organizations understand, identify, and address the risks within their Microsoft ecosystems. Segment Resources: Insights Security Assessment Tool: For a copy of the Microsoft Vulnerabilities Threat Report: Blog re: Report: Stephan will discuss OpenText Core Threat Detection and Response, a new AI-powered solution designed to quickly spot and neutralize threats across an...
info_outline
AI Zombie Lawyer, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet - SWN #486
Security Weekly Podcast Network (Video)
AI Zombie Lawyers, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet, and more on the Security Weekly News. Show Notes:
info_outline
Threat Modeling With Good Questions and Without Checklists - Farshad Abasi - ASW #335
Security Weekly Podcast Network (Video)
What makes a threat modeling process effective? Do you need a long list of threat actors? Do you need a long list of terms? What about a short list like STRIDE? Has an effective process ever come out of a list? Farshad Abasi joins our discussion as we explain why the answer to most of those questions is No and describe the kinds of approaches that are more conducive to useful threat models. Resources: In the news, learning from outage postmortems, an EchoLeak image speaks a 1,000 words from Microsoft 365 Copilot, TokenBreak attack targets tokenizing techniques, Google's layered strategy...
info_outline
Insider threats, migrating away from cloud, RSAC interviews with Cyera and Blumira - Yotam Segev, Matthew Warner, Rob Allen - ESW #411
Security Weekly Podcast Network (Video)
Segment 1 - Interview with Rob Allen from Threatlocker Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their data, wherever it is, and leverage the power of the industry’s first AI native,unified Data Security Platform. Yotam Segev, Cyera’s CEO sits down with CyberRisk TV at RSAC Conference 2025 to discuss Cyera’s skyrocketing growth, its founding story and why an increasing number of Fortune500 companies are...
info_outline
$200,000 Zoom Call, Microsoft, Zero-Click, China & HD With $649 million of Bitcoin - SWN #485
Security Weekly Podcast Network (Video)
This week we have, $200,000 Zoom Call, Microsoft Teams, INTERPOL, Zero-Click, Junk Food, China & Hard Drive With $649 million of Bitcoin. Show Notes:
info_outline
UEFI Vulnerabilities Galore - PSW #878
Security Weekly Podcast Network (Video)
This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor naming conventions I have the phone number linked to your Google account Fortinet flaws exploited in ransomeware attacks (and how lack of information sharing is killing us) retiring floppy disks fault injection for the masses there is no defender AI...
info_outline
Security Money: The Index is Up, CISOs Need to Get Out, and Are You Burning Out? - BSW #399
Security Weekly Podcast Network (Video)
This week, it’s time for security money. The index is up, but the previous quarterly results were brutal. In the leadership and communications segment, Get out of the audit committee: Why CISOs need dedicated board time, Quietly Burning Out? What To Do When Your Leadership Starts Lacking, How to rethink leadership to energize disengaged employees, and more! Show Notes:
info_outline
Vixen Panda, NPM, Roundcube, IoT, 4Chan, Josh Marpet, and more... - SWN #484
Security Weekly Podcast Network (Video)
Vixen Panda, NPM, Roundcube, IoT, 4Chan, Josh Marpet, and more on the Security Weekly News. Show Notes:
info_outlineThis week:
- You got a Bad box, again
- Cameras are expose to the Internet
- EU and connected devices
- Hydrophobia
- NVRAM variables
- Have you heard about IGEL Linux?
- SSH and more NVRAM
- AI skeptics are nuts, and AI doesn't make you more efficient
- Trump Cybersecurity orders
- I think I can root my Pixel 6
- Decentralized Wordpres plugin manager
- Threat actor naming conventions
- I have the phone number linked to your Google account
- Fortinet flaws exploited in ransomeware attacks (and how lack of information sharing is killing us)
- retiring floppy disks
- fault injection for the masses
- there is no defender
- AI blackmails
Show Notes: https://securityweekly.com/psw-878