Paul's Security Weekly (Audio) Devices Are Attacking - PSW #886
Aug 7, 2025
Explore the alarming rise of firmware attacks and the infamous 300-second breach that highlights the vulnerabilities in our systems. The hosts debate the role of AI in cybersecurity and why traditional methods still hold strong. Discover the implications of LLMs scrapping websites and the impact on publishers. The discussion also touches on AI-generated apps facing security flaws and the dramatic story of drones delivering e-bikes in Ukraine. Plus, insights into signed kernel drivers used in malware and covert data transmissions via HDMI emissions.
AI Snips
Chapters
Books
Transcript
Episode notes
Home Firewall Thumb Drive Failure Led To Migration
- Larry told how a failed thumb drive and UPS issues left his pfSense firewall unrouteable until he rebuilt the network.
- He bought a UniFi gateway pro and re-adopted access points, illustrating home-lab fragility and migration pain.
Prepare For Power Failures And Hardware Backup
- Keep spare networking hardware and plan for UPS/backup failures; a temporary Nighthawk helped Larry stay online during recovery.
- Test BIOS and interface persistence after power events to avoid long outages.
Subcomputer Inside Laptops Can Be Weaponized
- Dell laptops contain a daughterboard (Control Vault / Unified Security Hub) that stores secrets and connects biometric readers.
- Vulnerabilities allow key material leakage and permanent firmware modification, enabling powerful persistence outside the OS.
