Paul's Security Weekly (Audio)

This week, we dive into the world of Meshtastic and LoRa—two technologies empowering secure, long-range, and infrastructure-free communication. We'll talk about the origins of Meshtastic, how LoRa radio works, and why mesh networking is revolutionizing off-grid messaging for adventurers, hackers, emergency responders, and privacy advocates alike. We break down the available hardware, walk you through firmware installation, and share real-world use cases of LoRa to create decentralized, encrypted networks. Whether you’re a hacker, a prepper, or just curious about the future of resilient communication, this episode is packed with insights and practical tips you won’t want to miss! This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-881

This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integration of open source tools in enhancing security measures. The conversation delves into various aspects of cybersecurity, focusing on aircraft tracking, data filtering, the evolution of vulnerability management, and the role of AI in enhancing security measures. The speakers discuss the challenges posed by default credentials and the shared responsibility model in cloud infrastructure. They also explore the limitations of AI in cybersecurity and the potential for future advancements, particularly in localized LLMs. The conversation delves into the intersection of technology, cybersecurity, and privacy, exploring the implications of AI on energy demands, vulnerabilities in telecom infrastructure, the complexities of network maintenance, and the challenges of ransomware negotiations. The discussion also touches on privacy concerns related to data tracking by major tech companies like Meta and Apple, as well as the evolving landscape of legal implications in the face of cyber threats. This segment is sponsored by runZero. Get complete visibility across your total attack surface in literally minutes - no agents, no authentication required. Start a free trial or access the free Community Edition at https://securityweekly.com/runzero. HD Moore joins us to discuss finding all the things and how vulnerability management has changed. In the security news: Hacking from a light bulb Reverse engineering, the easy ways Detecting Jitter FCC probes into Cyber Trust Mark Bluetooth Jamming New Wifi Apple features: What could go wrong? Just turn off the Internet for the entire country Meta's Localhost tracking Hacking printers, for realz this time Are we not patching 2023 CVEs? Cleaning up legacy drivers One of the Best Hackers in the Country is an AI Bot Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-880

Delve into the mystery of Salt Typhoon and its unknowns. Discover the quest for a portable pen testing device and discuss why certain directories raise eyebrows. Can a $24 cable really compete with a $180 one? Explore the vulnerabilities in Tesla wall chargers and outdated Zyxel exploits that are making waves again. Learn peculiar car theft methods involving Kias and the impact of AI on online scams. Enjoy a comical comparison of Cray supercomputers versus Raspberry Pis and tackle modern challenges in EV security.

Dive into the intriguing rise of 'bad box' malware targeting low-cost devices and the alarming security risks posed by unsecured internet cameras. Discover the complexities behind UEFI vulnerabilities, including the notorious 'Hydrophobia' flaw. The hosts hilariously critique the confusing world of refurbished MacBook sales while exploring reverse engineering in payment security. They also tackle contrasting perspectives on AI’s efficiency and its societal implications, referencing films that shape our view of technology.

Explore advanced techniques for keeping Linux systems updated beyond basic commands. Discover the importance of custom scripts and tools like topgrade for effective management. Dive into anti-malware solutions for Linux, including the challenges of PCI compliance. Learn about the latest strategies for system protection and kernel security, emphasizing the need for vigilance against rising threats. Gain insights into managing multiple distributions and the balance between agent-based and agentless security solutions for optimal performance.

Discover the dangers lurking in your router and the peculiar world of vehicle hacking. Explore how AI aids in finding vulnerabilities, but beware of DIY password managers! Delve into the complexities of Bluetooth Low Energy communication, alongside humorous tales of hardware hacks with smart grills. Learn about the pitfalls of data breaches and insider threats, and the evolving landscape of hacker conferences. With insightful discussions on encryption practices and the ethics of ransomware negotiations, this engaging conversation keeps you informed and entertained!

This week, the hosts dive into the alarming issue of malware lurking in printer drivers and discuss Japan's proactive cyber defense law. They tackle security flaws in Slack and explore age-old hacking techniques making a comeback. The conversation shifts to a significant data breach incident involving stolen credentials and the necessity for robust API protections. They also delve into the ambitious plans for AI and supercomputers in space, highlighting both innovation and critical security vulnerabilities.

Dive into security news with revelations like Android's lockdown mode and the troubling comprehension of outdated routers being exploited for profit. Discover how ransomware embeds itself within CPU microcode vulnerabilities and what that means for major processor manufacturers. Learn about the comedic side of managing cybersecurity standards and the ethical dilemmas of age verification in the digital age. The conversation also touches on the vulnerabilities of IoT devices and the quirky challenges of navigating the realm of binary reverse engineering.

Dive into the world of cybersecurity with discussions on RDP vulnerabilities and the shocking use of revoked credentials. Learn about recent exploits related to Apple’s AirPlay and a clandestine backdoor in e-commerce platforms. The podcast also explores the ramifications of a cybersecurity CEO's arrest for malware deployment. Plus, enjoy tales from conferences, humorous anecdotes about bourbon, and insights on vulnerability management advances, all while navigating the complexities of scams and e-commerce security.

Dive into the fascinating world of AI with discussions on its practical use in cybersecurity and everyday workflows. Discover tips for writing, coding, and data analysis while evaluating the differences between free and paid AI tools. Explore the ethical implications of AI-generated content and the importance of human creativity and critical thinking. The hosts humorously navigate misleading promotions and reflect on AI's evolving role in education and software development, emphasizing the necessity of verifying AI outputs. Get ready for a comprehensive look at the intersection of technology and human skills!