Security Weekly Podcast Network (Audio)
Augustus De Morgan, Doordash, Fortiweb, Typosquatting, Vista, Ransomware, AI, More... - SWN #529
Nov 14, 2025
The discussion dives into a DoorDash breach, revealing a troubling 19-day notification delay on a social engineering attack. Attention shifts to a critical Fortinet vulnerability that could allow admin exploits. Europol's success in dismantling over 1,000 malware servers showcases international cooperation. The podcast highlights alarming trends in the ransomware landscape, with 85 active groups. It also addresses legal challenges stemming from AI-generated defamation and explores innovative quantum technology advancements.
Notify Breach Victims Quickly
- Notify affected users promptly after a breach to reduce downstream harm and phishing risk.
- Prioritize rapid communication over perfect legal wording so victims can protect themselves quickly.
Lock Down Management Interfaces
- Do not expose management interfaces like FortiWeb to the internet; require MFA and VPN access.
- Patch vulnerable devices and audit user lists for unexpected admin accounts immediately.
Typosquatting Threats Will Be Amplified By AI
- Typosquatting in package ecosystems can let attackers run code during CI builds and abuse repository identity.
- AI tools that consume public repos may amplify malicious packages by recommending or installing them.
