

Astro Oblivion, FreePBX, GitHub, OWASP, Promptlock, Claude Aaran Leyland - SWN #507
29 snips Aug 29, 2025
Dive into the intriguing world of cybersecurity as the hosts tackle urgent vulnerabilities within FreePBX and Git. Discover the dark side of AI with discussions on emerging threats like AI-powered malware. They also delve into the shady practices of scams linked to online gambling, urging regulatory actions. Plus, explore how the rise of satellites is changing our night sky, whimsically imagining future ads shining down on us. It's a whirlwind of tech, threats, and philosophical reflections!
Lock Down FreePBX Admin Interfaces
- Limit access to FreePBX admin panels and do not expose management interfaces publicly.
- Use firewalls, private VLANs or VPNs to restrict admin access to trusted hosts immediately.
Mitigate Git Submodule Code Execution
- Patch Git installations promptly to fix the backslash-R submodule vulnerability that enables code execution.
- If you cannot patch, avoid recursive submodule clones and disable Git hooks globally via core.hooksPath.
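The core.hooksPath fallback above, as an added example that is not from the episode or its notes: the script checks, in a throwaway sandbox, that a hook planted in a repository's .git/hooks runs by default and stops running once the global hooks path points at an empty directory. The sandbox paths, function names and probe hook are constructed for illustration.

```sh
#!/bin/sh
# Added example: verify that a global core.hooksPath pointing at an empty
# directory stops hooks stored in a repository's .git/hooks from running.
# Everything happens in a temp sandbox; the real ~/.gitconfig is untouched.

# Plant a post-commit hook in a fresh repo, commit, and report the outcome.
# Returns 0 when the hook was blocked, 1 when it executed.
hook_is_blocked() {
    repo="$1"; marker="$repo/hook-ran"
    git init -q "$repo"
    mkdir -p "$repo/.git/hooks"
    printf '#!/bin/sh\ntouch "%s"\n' "$marker" > "$repo/.git/hooks/post-commit"
    chmod +x "$repo/.git/hooks/post-commit"
    git -C "$repo" -c user.name=probe -c user.email=probe@example.invalid \
        commit -q --allow-empty -m "probe commit"
    [ ! -e "$marker" ]
}

# The mitigation from the notes: a global hooks path that is an empty,
# read-only directory, so no repository-supplied hook is ever consulted.
disable_hooks_globally() {
    mkdir -p "$1" && chmod 555 "$1"
    git config --global core.hooksPath "$1"
}

# Runs in a subshell so the environment changes and the trap stay contained.
run_demo() (
    sandbox="$(mktemp -d)"
    trap 'rm -rf "$sandbox"' EXIT
    # Keep "global" Git configuration inside the sandbox.
    unset XDG_CONFIG_HOME GIT_CONFIG_GLOBAL GIT_DIR GIT_WORK_TREE
    export HOME="$sandbox/home" GIT_CONFIG_NOSYSTEM=1
    mkdir -p "$HOME"

    if hook_is_blocked "$sandbox/before"; then before=blocked; else before=ran; fi
    disable_hooks_globally "$sandbox/no-hooks"
    if hook_is_blocked "$sandbox/after"; then after=blocked; else after=ran; fi
    echo "baseline=$before mitigated=$after"
)

run_demo
```

A repository-local or command-line core.hooksPath value takes precedence over the global one, so confirm the effective setting with `git config --show-origin --get-all core.hooksPath`. The setting also turns off legitimate hooks such as pre-commit checks until it is removed.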
LLMs Create Systemic Enterprise Risk
- OWASP warns that LLMs' integration across enterprise apps creates new systemic risks and attack surfaces.
- Scripted prompt attacks can scale to cause service disruption or large cloud costs if not anticipated.