Paul's Security Weekly (Audio) cover image

Paul's Security Weekly (Audio)

No CVE and No Accountability - Ed Skoudis - PSW #851

Nov 14, 2024
Ed Skoudis, a renowned cybersecurity expert and SANS instructor, joins the discussion, diving into fascinating topics like zip files within zip files that perplex antivirus software. He emphasizes the huge accountability gaps in CVE management, sparked by vendors ignoring vulnerabilities in end-of-life software. The conversation also highlights this year’s Holiday Hack Challenge, focusing on its engaging structure and innovative designs. Additionally, they discuss the evolution of cybersecurity, from legacy system challenges to the importance of proactive vulnerability research.
02:43:50

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

  • Nested ZIP file vulnerabilities can circumvent antivirus detection, exposing software limitations and creating potential exploitation avenues for attackers.
  • The Holiday Hack Challenge promotes education in cybersecurity through engaging, real-world scenarios aimed at participants of all skill levels.

Deep dives

Introduction of News and Updates

The podcast begins with a change in format, focusing on current news related to cybersecurity, including discussions surrounding CVEs (Common Vulnerabilities and Exposures) and various hacking incidents. Topics such as the Ask Your Art Rick Rolling incident, hacking VDIs, and the impact of a Linux kernel patch are highlighted, creating a buzzing atmosphere around the latest developments in the field. Ed Skodis is introduced as a guest to discuss the Holiday Hack Challenge, which promises to captivate audiences with its engaging challenges. This more dynamic structure aims to keep listeners informed on emerging threats and solutions in cybersecurity.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner