Paul's Security Weekly (Audio)

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them! Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including: Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations How leaked playbooks, chats, and toolkits can inform detection and response Practical steps to defend against modern ransomware tactics in 2025 In the security news: Practical exploit code Old vulnerabilities, new attackers AI and web scraping - the battle continues 0-Days: You gotta prove it WinRAR 0-Day LLM patch diffing $20 million bug bounty Your APT is showing Hacking from the routers Its that easy eh? NIST guidance on AI Words have meaning Developers knowingly push vulnerable code My Hackberry PI post is live: https://eclypsium.com/blog/build-the-ultimate-cyberdeck-hackberry-pi/ Resources: Inside the LockBit Leak: Rare Insights Into Their Operations: https://flashpoint.io/blog/inside-the-lockbit-leak/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR 2025 Ransomware Survival Guide: https://flashpoint.io/resources/e-book/2025-ransomware-survival-guide/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR AI and Threat Intelligence: The Defenders’ Guide https://go.flashpoint.io/ai-and-threat-intelligence-guide?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-888

We kick things off with a deep dive into the Hackberry PI and how to build one. Then in the security news: Will Perplexity buy Chrome? ESP32 Bus Pirates Poisoned telemetry Docker image security Fully Open Source Quantum Sensors Securing your car, Flippers, and show me the money Bringing your printer and desktop to Starbucks Paying a ransom? You need approval AI: Shield or Spear? No authentication? That's a problem Transient Bugs: A realistic threat? You can run Linux And who still uses AOL dial-up? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-887

Why should hate AI When firmware attacks The 300 second breach Old ways still work, AI might help And so begins the crawler wars Turn off your SonicWall VPN Your Pie may be wrapped in PII Attackers will find a way Signed kernel drivers D-Link on the KEV Rasperry PIs attack Stealthy LoRa LLM's don't commit code, people do Jame's Bond style rescue with drones SRAM has no chill In the full view of the public... Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-886

In the security news: Hacking washing machines, good clean fun! Hacking cars via Bluetooth More Bluetooth hacking with Breaktooth Making old vulnerabilities great again: exploiting abandoned hardware Clorox and Cognizant point fingers AI generated Linux malware Attacking Russian airports When user verification data leaks Turns out you CAN steal cars with a Flipper Zero, so we're told The UEFI vulnerabilities - the hits keep coming Hijacking Discord invites The Raspberry PI laptop The new Hack RF One Pro Security appliances still fail to be secure Person Re-Identification via Wi-Fi Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-885

We chat with Material Security about protecting G Suite and MS365. How else are you monitoring the most commonly used cloud environments and applications? In the security news: Google Sues Badbox operators Authenticated or Unauthenticated, big difference and my struggle to get LLMs to create exploits for me Ring cameras that were not hacked Malicous AURs Killing solar farms Weak passwords are all it takes Microsoft's UEFI keys are expiring Kali Linux and Raspberry PI Wifi updates Use lots of electricity, get a visit from law enforcement Sharepoint, vulnerabilities, nuclear weapons, and why you should use the cloud The time to next exploit is short Sonicwall devices are getting exploited How not to vibe code SMS blasters This segment is sponsored by Material Security. Visit https://securityweekly.com/materialsecurity to see purpose-built Google Workspace and Office 365 security in action! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-884

In the security news: The train is leaving the station, or is it? The hypervisor will protect you, maybe The best thing about Flippers are the clones Also, the Flipper Zero as an interrogation tool Threats are commercial and open-source Who is still down with FTP? AI bug hunters Firmware for Russian drones Merging Android and ChromOS Protecting your assets with CVSS? Patch Citrixbleed 2 Rowhammer comes to NVIDIA GPUs I hear Microsoft hires Chinese spies Gigabyte motherboards and UEFI vulnerabilities McDonald's AI hiring bot: you want some PII with that? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-883

This week in the security news: Citrixbleed 2 and so many failures Ruckus leads the way on how not to handle vulnerabilities When you have no egress Applocker bypass So you bought earbuds from TikTok More gadgets and the crazy radio Cheap drones and android apps Best Mario Kart controller ever VSCode: You're forked Bluetooth earbuds and vulnerabilities Do you remember Sound blaster cards? NFC passport chips Whack-a-disk Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-882

This week, we dive into the world of Meshtastic and LoRa—two technologies empowering secure, long-range, and infrastructure-free communication. We'll talk about the origins of Meshtastic, how LoRa radio works, and why mesh networking is revolutionizing off-grid messaging for adventurers, hackers, emergency responders, and privacy advocates alike. We break down the available hardware, walk you through firmware installation, and share real-world use cases of LoRa to create decentralized, encrypted networks. Whether you’re a hacker, a prepper, or just curious about the future of resilient communication, this episode is packed with insights and practical tips you won’t want to miss! This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-881

This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integration of open source tools in enhancing security measures. The conversation delves into various aspects of cybersecurity, focusing on aircraft tracking, data filtering, the evolution of vulnerability management, and the role of AI in enhancing security measures. The speakers discuss the challenges posed by default credentials and the shared responsibility model in cloud infrastructure. They also explore the limitations of AI in cybersecurity and the potential for future advancements, particularly in localized LLMs. The conversation delves into the intersection of technology, cybersecurity, and privacy, exploring the implications of AI on energy demands, vulnerabilities in telecom infrastructure, the complexities of network maintenance, and the challenges of ransomware negotiations. The discussion also touches on privacy concerns related to data tracking by major tech companies like Meta and Apple, as well as the evolving landscape of legal implications in the face of cyber threats. This segment is sponsored by runZero. Get complete visibility across your total attack surface in literally minutes - no agents, no authentication required. Start a free trial or access the free Community Edition at https://securityweekly.com/runzero. HD Moore joins us to discuss finding all the things and how vulnerability management has changed. In the security news: Hacking from a light bulb Reverse engineering, the easy ways Detecting Jitter FCC probes into Cyber Trust Mark Bluetooth Jamming New Wifi Apple features: What could go wrong? Just turn off the Internet for the entire country Meta's Localhost tracking Hacking printers, for realz this time Are we not patching 2023 CVEs? Cleaning up legacy drivers One of the Best Hackers in the Country is an AI Bot Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-880

Delve into the mystery of Salt Typhoon and its unknowns. Discover the quest for a portable pen testing device and discuss why certain directories raise eyebrows. Can a $24 cable really compete with a $180 one? Explore the vulnerabilities in Tesla wall chargers and outdated Zyxel exploits that are making waves again. Learn peculiar car theft methods involving Kias and the impact of AI on online scams. Enjoy a comical comparison of Cray supercomputers versus Raspberry Pis and tackle modern challenges in EV security.