Rob Allen, Chief Product Officer at Threatlocker joins us for an interview segment on using AI in security products: What works and what's not fully baked! Then in the security news, There are more holes in your boot...loader according to Microsoft, related: Secure Boot is in danger and no one is really talking about it (still), Dear Microsoft: I don't want to send you my data, I don't grant you remote access, and I don't want to create a MS account, CrushFTP has to crush some bugs, bypassing unprivileged user namespace restrictions, FBI raids, attackers using your GPU, Find My anything, protecting GlobalProtect, the exploits will continue until things improve, your call records were not protected, good vs. bad drivers, AI is hacking AI, time traveling attacks, and a bizarre call for security researchers. This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-868

In this engaging discussion, Sam Bowne, a guest expert in password security and data breaches, dives into pressing cybersecurity concerns. He reveals how vulnerabilities can go unpatched, leading to dire consequences. The podcast highlights alarming breaches, like Oracle's cloud hack, and casts a spotlight on the pitfalls of secure communication apps like Signal. Bowne emphasizes the need for better password practices and outlines the risks associated with genetic data from services like 23andMe. Plus, there's a whimsical cat prank script that adds a light-hearted twist!

Dive into the fascinating world of cybersecurity myths, where the truth about zero-day vulnerabilities is unraveled. Discover the risks of supply chain attacks on GitHub Actions and the pressing need for robust security measures. The conversation also highlights the significance of contextual vulnerability management and the complexities of compliance in evolving tech landscapes. Enjoy humorous anecdotes about challenges in the tech realm, along with insights on transitioning to Linux and the implications of IoT security vulnerabilities.

Sounil Yu, CTO and co-founder of Gnostic, addresses pressing AI data leakage issues. He highlights how tools like Microsoft's Copilot lack adequate access controls, risking exposure of sensitive files. Gnostic’s innovative automation tackles these challenges, ensuring security without hindering innovation. The conversation dives into the complex balance of non-human identities and the dual risks of oversharing and undersharing in data management. Additionally, the impact of AI on job applications is examined, raising questions about the future role of human expertise in an increasingly automated world.

Dive into the quirks of hacking your smart mattress and discover why it might be more vulnerable than you think. Explore the latest in music piracy and the absurdity of smart appliances while reflecting on the demise of Skype. Uncover the implications of ransomware threats from Russia and the complexities introduced by AI. Plus, hear about the evolution of cybersecurity practices and the challenges small businesses face with outdated tech. It's a lively mix of tech humor and crucial insights you won't want to miss!

This discussion dives into cybersecurity's pressing issues, like Apple's data protection and Australia's Kaspersky ban. Outdated software poses significant risks, and emerging tech like topological qubits could change the game. Ransomware chat logs reveal dark hacking techniques, while vulnerabilities in UEFI and Grub add to the challenge. The conversation highlights the need for quantum-resistant encryption and critiques a recent series on cybersecurity. Finally, it stresses the importance of robust authentication over insecure SMS options.

The discussion kicks off with excitement around the return of in-person conferences and insights from Zero Trust World. Listeners learn about current cybersecurity threats and the significance of Managed Service Providers. Humorous anecdotes about aging tech and personal experiences keep it lively. There's a deep dive into firmware security vulnerabilities and the challenges of timely updates. Plus, the exploration of access risks associated with AI tools offers a thought-provoking look at evolving security needs.

This week, tune in to hear about the intriguing possibility of installing Linux in PDFs and the serious security measures taken by TP-Link. The discussion dives into the latest Patch Tuesday updates affecting major companies like Intel and Microsoft. Ever thought of hacking your space heater for kicks? They cover it! Explore the quirks of smart homes and the security risks tied to them. Plus, get insights on prompt injection attacks and vulnerabilities associated with medical devices, all while balancing humor and critical cybersecurity themes.

Discover the challenges of Deepseek and the latest in AI model security. Explore AMD's microcode vulnerabilities and the risks posed by abandoned AWS S3 buckets. Dive into the world of 3D printing with innovative tips and tricks. Learn about password management weaknesses and the hidden dangers of cheap USB-to-Ethernet adapters. The discussion also highlights the evolving landscape of cybersecurity and the importance of data privacy in AI development.

Matt Bishop is the Principal Architect at Bitwarden, specializing in password management and security solutions. He discusses the evolution of password vaults, emphasizing their expanded use beyond mere password storage, including SSH key management for developers. The conversation also covers the latest cybersecurity threats, from vulnerabilities in Palo Alto networks to the implications of AI in security. Bishop highlights the importance of multi-factor authentication and the benefits of open-source solutions in ensuring data security.