Security Weekly Podcast Network (Audio)

The episode kicks off with a humorous look at donuts and cybersecurity. It dives into the dangers of outdated protocols and the emerging threat of click fix attacks. A serious discussion unfolds about the rise of AI-generated code and the geopolitical tensions affecting cyber warfare. Listeners are cautioned about a critical vulnerability in backup software and the outrageous salaries offered to AI coders. The importance of the 3-2-1 backup strategy is highlighted, reminding everyone to stay vigilant against potential security scams.

This week: * The true details around Salt Typhoon are still unknown * The search for a portable pen testing device * Directories named "hacker2" are suspicious * Can a $24 cable compete with a $180 cable? * Hacking Tesla wall chargers * Old Zyxel exploits are new again * Hacking Asus drivers * Stealing KIAs - but not like you may think * Fake articles * Just give everything to LLMs, like Nmap * Retiring Floppy disks * An intern leaked secrets * Discord link hijacking * Cray vs. Raspberry PI * More car hacking with BMW Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-879

In this episode of Business Security Weekly, Mandy Logan, along with guests Peter Hedberg, Summer Craze Fowler, and Ben Carr, delve into the complexities of cyber insurance and the empowerment of Chief Information Security Officers (CISOs). The discussion covers the evolving landscape of cyber insurance, the critical role of underwriting, and the importance of collaboration between CISOs and insurers. The guests share insights on risk assessment, the significance of incident response planning, and the need for CISOs to be recognized as key players in the boardroom. The conversation emphasizes the necessity of building strong relationships with insurers and leveraging data to enhance security measures. This month BeyondTrust released it's 12th annual edition of the Microsoft Vulnerabilities Report. The report reveals a record-breaking year for Microsoft vulnerabilities, and helps organizations understand, identify, and address the risks within their Microsoft ecosystems. Segment Resources: Insights Security Assessment Tool: https://www.beyondtrust.com/products/identity-security-insights/assessment For a copy of the Microsoft Vulnerabilities Threat Report: https://www.beyondtrust.com/resources/whitepapers/microsoft-vulnerability-report Blog re: Report: https://www.beyondtrust.com/blog/entry/microsoft-vulnerabilities-report Stephan will discuss OpenText Core Threat Detection and Response, a new AI-powered solution designed to quickly spot and neutralize threats across an organization’s attack surface without the need to overhaul existing security stacks. He will also provide insights into the most dangerous threats facing enterprises today along with practical steps to mitigate them. https://www.opentext.com/products/core-threat-detection-and-response https://www.prnewswire.com/news-releases/opentext-launches-next-generation-opentext-cybersecurity-cloud-with-ai-powered-threat-detection-and-response-capabilities-302381481.html This segment is sponsored by OpenText. Visit https://securityweekly.com/opentextrsac to learn more about them! This segment is sponsored by BeyondTrust. Visit https://securityweekly.com/beyondtrustrsac to for a copy of the Microsoft Vulnerabilities Threat Report! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-400

AI Zombie Lawyers, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-486

Farshad Abasi, Founder and CEO of Forward Security, shares over 27 years of cybersecurity expertise, emphasizing the importance of effective threat modeling. He argues against lengthy checklists and frameworks like STRIDE, advocating for innovative, developer-engaged strategies instead. The conversation highlights the relevance of user stories and continuous communication in small teams, especially startups. Abasi also reflects on lessons from hyperscaler incidents and the complexities of software deployment and security, all while stressing the role of human insight in tackling modern vulnerabilities.

Rob Allen, Chief Product Officer at ThreatLocker, discusses the urgent issue of insider threats and the importance of endpoint security. Yotam Segev, CEO of Cyera, reveals Cyera's rapid growth and innovative data security solutions showcased at RSAC 2025. Matthew Warner, CEO of Blumira, focuses on adapting cybersecurity measures for small and mid-sized businesses, emphasizing the shift from compliance to operational excellence. Together, they explore the evolving landscape of cybersecurity, hybrid computing, and the necessity of robust data protection strategies.

Dive into the shocking story of a $200,000 Zoom call gone wrong and learn about a zero-click exploit in Microsoft 365. Discover how law enforcement is battling rising cybercrime with a major Interpol operation. The vulnerabilities of IoT devices are explored, shedding light on the urgent need for better security practices. Plus, hear about the European Union's plans to boost cybersecurity independence and tackle challenges posed by state-aligned hackers from China. It's a wild ride through the latest in cybersecurity!

This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor naming conventions I have the phone number linked to your Google account Fortinet flaws exploited in ransomeware attacks (and how lack of information sharing is killing us) retiring floppy disks fault injection for the masses there is no defender AI blackmails Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-878

Explore the fascinating dynamics of cybersecurity finance as the index sees unexpected gains while tech companies grapple with harsh quarterly results. Uncover the pressing need for CISOs to engage more meaningfully with boards and address leadership burnout. Delve into the shifting landscape of cybersecurity investments, highlighting major layoffs and IPOs, and the inevitable impact of AI on job security. Plus, learn how diverse experiences can enhance leadership qualities and the importance of emotional intelligence in fostering an engaged team.

Vixen Panda, NPM, Roundcube, IoT, 4Chan, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-484