This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Player FM - Internet Radio Done Right
Checked 1d ago
Added six years ago
Looks like the publisher may have taken this series offline or changed its URL. Please contact support if you believe it should be working, the feed URL is invalid, or you have any other concerns about it.
Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to Security Weekly Podcast Network (Audio)
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Daily Deals
Podcasts Worth a Listen
SPONSORED
G
Grown-Up Stuff: How to Adult
Taxes, Voting, Recycling—oh my! After navigating this jungle of grown-up responsibilities together, we're taking a quick summer breather to recharge our adulting batteries. But before we temporarily hang up our responsible pants, join us for this special episode packed with our favorite kernels of wisdom from the season so far AND get an exclusive preview of the fresh adulting adventures awaiting you when Grown-Up Stuff returns in late summer! Think of this episode as your adulting victory lap—complete with confetti and zero paperwork required! See omnystudio.com/listener for privacy information.…
$200,000 Zoom Call, Microsoft, Zero-Click, China & HD With $649 million of Bitcoin - SWN #485
Fetch error
Hmmm there seems to be a problem fetching this series right now.
Last successful fetch was on August 14, 2025 08:05 (
What now? This series will be checked again in the next hour. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.
Manage episode 488676639 series 2591184
Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
This week we have, $200,000 Zoom Call, Microsoft Teams, INTERPOL, Zero-Click, Junk Food, China & Hard Drive With $649 million of Bitcoin.
Visit https://www.securityweekly.com/swn for all the latest episodes!
Show Notes: https://securityweekly.com/swn-485
3289 episodes
ShareFetch error
Hmmm there seems to be a problem fetching this series right now.
Last successful fetch was on August 14, 2025 08:05 (
What now? This series will be checked again in the next hour. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.
Manage episode 488676639 series 2591184
Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
This week we have, $200,000 Zoom Call, Microsoft Teams, INTERPOL, Zero-Click, Junk Food, China & Hard Drive With $649 million of Bitcoin.
Visit https://www.securityweekly.com/swn for all the latest episodes!
Show Notes: https://securityweekly.com/swn-485
3289 episodes
All episodes
×
1 Defending Trust & Reputation as CISOs and Leaders Prepare Their AI Strategy - Santosh Nair - BSW #408 50:05
50:05 
Play Later 
Play Later 
Lists 
Like 
Liked50:05
Play Later Play Later Lists Like LikedAs brands grow more digital, the threats grow more personal. Attackers impersonate executives, spin up fake websites, and leak sensitive data — hurting business reputations and breaking customer trust. How do you defend your organization's reputation and customers' trust? Santosh Nair, Co-Founder and CTO at Styx Intelligence, joins Business Security Weekly to discuss how to defend trust and reputation in the age of AI. Santosh will cover both the company and executive challenges of defending against the latest AI attacks, including: Impersonations and Deepfakes Employee Scams Financial Fraud Segment Resources: - https://styxintel.com/blog/what-is-brand-protection/ - https://styxintel.com/blog/brand-impersonation-hurts-business/ - https://styxintel.com/blog/social-engineering-tactics/ In the leadership and communications section, Mind the overconfidence gap: CISOs and staff don’t see eye to eye on security posture, Your AI Strategy Needs More Than a Single Leader, Avoid These Communication Breakdowns When Launching Strategic Initiatives, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-408…
1 300 Baud, Buddy Hackett Nudes, Dell, badUSB, Exchange, Erlang/OTP, Josh Marpet... - SWN #502 34:14
34:14 Play Later Play Later Lists Like Liked34:14
Play Later Play Later Lists Like Liked300 Baud, Buddy Hackett Nudes, Dell, badUSB, Exchange, Erlang/OTP, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-502
1 The Future of Supply Chain Security - Janet Worthington - ASW #343 42:13
42:13 Play Later Play Later Lists Like Liked42:13
Play Later Play Later Lists Like LikedOpen source software is a massive contribution that provides everything from foundational frameworks to tiny single-purpose libraries. We walk through the dimensions of trust and provenance in the software supply chain with Janet Worthington. And we discuss how even with new code generated by LLMs and new terms like slopsquatting, a lot of the most effective solutions are old techniques. Resources https://www.forrester.com/blogs/make-no-mistake-software-is-a-supply-chain-and-its-under-attack/ https://www.forrester.com/report/the-future-of-software-supply-chain-security/RES184050 Show Notes: https://securityweekly.com/asw-343…
1 ESW at BlackHat and the weekly enterprise security news - ESW #419 45:44
45:44 Play Later Play Later Lists Like Liked45:44
Play Later Play Later Lists Like LikedTopic Segment - What's new at Black Hat? We're coming live from hacker summer camp 2025, so it seemed appropriate to share what we've seen and heard so far at this year's event. Adrian's on vacation, so this episode is featuring Jackie McGuire and Ayman Elsawah! News Segment Then, in the enterprise security news, Tons of funding! SentinelOne picks up an AI security company weeks after Palo Alto closes the Protect AI deal Vendors shove AI agents into everything they’ve got Why SOC analysts ignore your playbooks NVIDA pinkie swears to China: no back doors! ChatGPT was allowing shared chat sessions to be indexed and crawled by search engines like Google Who is gonna secure all this vibe code? Who is gonna triage all these hallucinated bug reports? Perplexity and Cloudflare duke it out When you try to scrub your shady past off the Internet, it might just make things worse. All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-419…
1 SonicWall, Informants Exposed, Cisco Vishing, Perplexity, GPT‑5, Josh Marpet–SWN #501 - SWN #501 34:23
34:23 Play Later Play Later Lists Like Liked34:23
Play Later Play Later Lists Like LikedThis week we have, SonicWall, Confidential Informants Exposed, Cisco Vishing, Perplexity vs robots.txt, Microsoft’s Project Ire, Meta–Flo Jury Verdict, GPT‑5 Lands, TeaOnHer Data Leak, Josh Marpet, and more on the Security Weekly News.. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-501…
Why should hate AI When firmware attacks The 300 second breach Old ways still work, AI might help And so begins the crawler wars Turn off your SonicWall VPN Your Pie may be wrapped in PII Attackers will find a way Signed kernel drivers D-Link on the KEV Rasperry PIs attack Stealthy LoRa LLM's don't commit code, people do Jame's Bond style rescue with drones SRAM has no chill In the full view of the public... Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-886…
1 Say Easy, Do Hard - AI Governance in the Supply Chain - Richard Bird, Nick Mistry - BSW #407 54:55
54:55 Play Later Play Later Lists Like Liked54:55
Play Later Play Later Lists Like LikedRecent findings of AI ecosystem insecurities and attacks show the importance of needing AI governance in the supply chain. And this supply chain is rapidly expanding to include not only open-source software but also collaborative platforms where custom models, agents, prompts, and other AI resources are used. And with this expansion of third-party AI component and services use comes an expanded security threat often not included in traditional supply chain management processes. It's time to update our supply chain management process to include AI governance. Easier said than done. In this Say Easy, Do Hard segment, we invite three CISOs to discuss the challenges of AI and the supply chain, including: Data privacy concerns Flaws and malicious code in AI dependencies Lack of security tools to test for AI Vibe coding risks and more. But we also do the hard part, by discussing the changes needed to your supply chain management process to address these concerns. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-407…
1 MFA Bypass, SonicWall, BIOS Shade, Sex Toys, FBI Warning, Claude v GPT-5, Josh Marpet - SWN #500 32:30
32:30 Play Later Play Later Lists Like Liked32:30
Play Later Play Later Lists Like LikedMFA Bypass, SonicWall, BIOS Shade, Sex Toys, FBI Warnings, Claude vs GPT-5, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-500
1 Uniting software development and application security - Will Vandevanter, Jonathan Schneider - ASW #342 58:07
58:07 Play Later Play Later Lists Like Liked58:07
Play Later Play Later Lists Like LikedMaintaining code is a lot more than keeping dependencies up to date. It involved everything from keeping old code running to changing frameworks to even changing implementation languages. Jonathan Schneider talks about the engineering considerations of refactoring and rewriting code, why code maintenance is important to appsec, and how to build confidence that adding automation to a migration results in code that has the same workflows as before. Resources https://docs.openrewrite.org https://github.com/openrewrite Then, instead of our usual news segment, we do a deep dive on some recent vulns NVIDIA's Triton Inference Server disclosed by Trail of Bits' Will Vandevanter. Will talks about the thought process and tools that go into identify potential vulns, the analysis in determining whether they're exploitable, and the disclosure process with vendors. He makes the important point that even if something doesn't turn out to be a vuln, there's still benefit to the learning process and gaining experience in seeing the different ways that devs design software. Of course, it's also more fun when you find an exploitable vuln -- which Will did here! Resources https://nvidia.custhelp.com/app/answers/detail/a_id/5687 https://github.com/triton-inference-server/server https://blog.trailofbits.com/2025/07/31/hijacking-multi-agent-systems-in-your-pajamas/ https://blog.trailofbits.com/2025/07/28/we-built-the-security-layer-mcp-always-needed/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-342…
1 Weekly Enterprise Security News and Tips on Building Security From Day 1 - Guillaume Ross - ESW #418 1:45:52
1:45:52 Play Later Play Later Lists Like Liked1:45:52
Play Later Play Later Lists Like LikedThe Weekly Enterprise News (segments 1 and 2) This week, we’ve had to make some last minute adjustments, so we’re going to do the news first, split into two segments. This week, we’re discussing: Some interesting funding Two acquisitions - one picked up for $250M, the other slightly larger, at $25 BILLION Interesting new companies! On the 1 year anniversary of that thing that happened, Crowdstrike would like to assure you that they’re REALLY making sure that thing never happens again Flipping the script How researchers rooted Copilot, but not really talks to check out at Hacker Summer Camp detection engineering tips the Cloud Security Alliance has a new AI Controls Matrix sending in the National Guard to handle a breach! and how to read an AI press release Interview: Guillaume Ross on Building Security from Scratch Guillaume shares his experiences building security from scratch at Canadian FinTech, Finaptic. Imagine the situation: you're CISO, and literally NOTHING is in place yet. No policies, no controls, no GRC processes. Where do you start? What do you do first? Are there things you can get away with that would be impossible in older, well-established financial firms? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-418…
1 Pipes, Thorium, Excel, ATM Hillbilly Cannibal Attack, Lambdas, AIs, Aaran Leyland - SWN #499 35:55
35:55 Play Later Play Later Lists Like Liked35:55
Play Later Play Later Lists Like LikedPipes, Thorium, Excel, Weird Ports, ATM Hillbilly Cannibal Attack, Lambdas, National Guard, AIs, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-499
In the security news: Hacking washing machines, good clean fun! Hacking cars via Bluetooth More Bluetooth hacking with Breaktooth Making old vulnerabilities great again: exploiting abandoned hardware Clorox and Cognizant point fingers AI generated Linux malware Attacking Russian airports When user verification data leaks Turns out you CAN steal cars with a Flipper Zero, so we're told The UEFI vulnerabilities - the hits keep coming Hijacking Discord invites The Raspberry PI laptop The new Hack RF One Pro Security appliances still fail to be secure Person Re-Identification via Wi-Fi Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-885…
1 Aligning Security Objectives, Ditch the Ego, Lead for Real and Succeed - BSW #406 29:45
29:45 Play Later Play Later Lists Like Liked29:45
Play Later Play Later Lists Like LikedIn the leadership and communications section, The CISO code of conduct: Ditch the ego, lead for real, The books shaping today’s cybersecurity leaders, How to Succeed in Your Career When Change Is a Constant, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-406…
1 Popup Porn, LoveSense, Tea, Fire Ant, Scatterede Spider, AI Pricing, Josh Marpet... - SWN #498 31:06
31:06 Play Later Play Later Lists Like Liked31:06
Play Later Play Later Lists Like LikedPopup Porn, LoveSense, Tea, Fire Ant, Scatterede Spider, AI Pricing, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-498
1 How Product-Led Security Leads to Paved Roads - Julia Knecht - ASW #341 1:04:11
1:04:11 Play Later Play Later Lists Like Liked1:04:11
Play Later Play Later Lists Like LikedA successful strategy in appsec is to build platforms with defaults and designs that ease the burden of security choices for developers. But there's an important difference between expecting (or requiring!) developers to use a platform and building a platform that developers embrace. Julia Knecht shares her experience in building platforms with an attention to developer needs, developer experience, and security requirements. She brings attention to the product management skills and feedback loops that make paved roads successful -- as well as the areas where developers may still need or choose their own alternatives. After all, the impact of a paved road isn't in its creation, it's in its adoption. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-341…
S
Security Weekly Podcast Network (Audio)
1 tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417 1:42:01
1:42:01 Play Later Play Later Lists Like Liked1:42:01
Play Later Play Later Lists Like LikedInterview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident . It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments . Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait. Topic Segment - Should the US Go on the Cyber Offensive? Triggered by an op-ed from Dave Kennedy , the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes. News Segment Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-417…
S
Security Weekly Podcast Network (Audio)
1 Total Recall, Steam, Storm-2063, Unmarker, Altair, Josh Marpet, and More... - SWN #497 33:07
33:07 Play Later Play Later Lists Like Liked33:07
Play Later Play Later Lists Like LikedTotal Recall, Steam, Storm-2063, Unmarker, Altair, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-497
S
Security Weekly Podcast Network (Audio)
1 Protecting G-Suite/MS365 and Security News - Abhishek Agrawal - PSW #884 2:11:14
2:11:14 Play Later Play Later Lists Like Liked2:11:14
Play Later Play Later Lists Like LikedWe chat with Material Security about protecting G Suite and MS365. How else are you monitoring the most commonly used cloud environments and applications? In the security news: Google Sues Badbox operators Authenticated or Unauthenticated, big difference and my struggle to get LLMs to create exploits for me Ring cameras that were not hacked Malicous AURs Killing solar farms Weak passwords are all it takes Microsoft's UEFI keys are expiring Kali Linux and Raspberry PI Wifi updates Use lots of electricity, get a visit from law enforcement Sharepoint, vulnerabilities, nuclear weapons, and why you should use the cloud The time to next exploit is short Sonicwall devices are getting exploited How not to vibe code SMS blasters This segment is sponsored by Material Security. Visit https://securityweekly.com/materialsecurity to see purpose-built Google Workspace and Office 365 security in action! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-884…
S
Security Weekly Podcast Network (Audio)
1 Getting Consensus as a CISO, While Calculating Cybersecurity ROI and Building a Team - Khaja Ahmed - BSW #405 1:03:11
1:03:11 Play Later Play Later Lists Like Liked1:03:11
Play Later Play Later Lists Like LikedHow do we get security right? The answer varies by many factors, including industry, what you're trying to protect, and what the C Suite and Board care about. Khaja Ahmed, Advisor at CISO Forum, joins Business Security Weekly to discuss how to get consensus on your security program. CISOs, executives, and the Board need to be aligned on the risks and how best to address them. And it's not technical risks, it's business risks measured by legal or financial impact. Khaja will help guide new and existing CISOs on how to: Work across the business to build consensus Identify and quantify risks in financial and legal terms Design security from the start Be effective as a security leader In the leadership and communications section, Is the C-Suite Right for You?, What Fortune 100s are getting wrong about cybersecurity hiring, Why Communication Is Exhausting in Chaotic Workplaces, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-405…
S
Security Weekly Podcast Network (Audio)
1 Donatello, SharePoint, CrushFTP, WordPress, Replit, AllaKore, Rob Allen, and more... - Rob Allen - SWN #496 41:57
41:57 Play Later Play Later Lists Like Liked41:57
Play Later Play Later Lists Like LikedDonatello, SharePoint, CrushFTP, WordPress, Replit, AllaKore, Rob Allen, and more on the Security Weekly News. Segment Resources: https://www.darkreading.com/threat-intelligence/matanbuchus-loader-ransomware-infections This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-496…
S
Security Weekly Podcast Network (Audio)
1 Rise of Compromised LLMs - Sohrob Kazerounian - ASW #340 1:06:35
1:06:35 Play Later Play Later Lists Like Liked1:06:35
Play Later Play Later Lists Like LikedAI is more than LLMs. Machine learning algorithms have been part of infosec solutions for a long time. For appsec practitioners, a key concern is always going to be how to evaluate the security of software or a system. In some cases, it doesn't matter if a human or an LLM generated code -- the code needs to be reviewed for common flaws and design problems. But the creation of MCP servers and LLM-based agents is also adding a concern about what an unattended or autonomous piece of software is doing. Sohrob Kazerounian gives us context on how LLMs are designed, what to expect from them, and where they pose risk and reward to modern software engineering. Resources https://www.vectra.ai/research Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-340…
S
Security Weekly Podcast Network (Audio)
1 The Cyber Canon, ditching the SOC 2, and the weekly enterprise news - Helen Patton - ESW #416 1:49:28
1:49:28 Play Later Play Later Lists Like Liked1:49:28
Play Later Play Later Lists Like LikedSegment 1 - Interview with Helen Patton: Introducing the Cybersecurity Canon Did you know that there’s a hall-of-fame for cybersecurity books? Over the past decade, the Cybersecurity Canon has published reviews on dozens of cybersecurity books and established a hall of fame. Hall of fame books are defined as titles that all cybersecurity professionals should read - a great short list for those new to the field and overwhelmed by choices. Helen Patton, co-founder and Chief of Staff for the Cybersecurity Canon joins us to tell us all about the Canon, how it came to be, and its transformation into a more visible and active organization. We’ll also discuss Helen’s own book, “ Navigating the Cybersecurity Career Path ”, and an upcoming second book she’s working on as well! Segment Resources: Helen's personal website The Cybersecurity Canon website Segment 2 - Topic: Does the SOC 2 need to die? AJ Yawn thinks so. The TL;DR is that he thinks industry-specific frameworks are more appropriate and effective. You can check out some more of his thoughts on LinkedIn , or on the Alice in Supply Chains podcast . Ayman recommends checking out https://mvsp.dev/ as a potential alternative (or as a complementary process to actually get secure) Segment 3 - This Week's Enterprise Security News And finally, in the enterprise security news, a bit of funding with a side of layoffs McDonald’s applicants are not lovin’ it a WILD story about a vulnerability in the US train system Meta still on the hook for $8B in privacy violations What is Agentic Misalignment? Using AI when coding is… slower? Auth Omnibus Pop some popcorn - AI acquisitions are getting crazy All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-416…
S
Security Weekly Podcast Network (Audio)
1 Existential Dread, MCP, Cloudflare, ESXI, QR Codes, Salt Typhoon, Aaran Leyland... - SWN #495 33:42
33:42 Play Later Play Later Lists Like Liked33:42
Play Later Play Later Lists Like LikedExistential Dread and Seawater, MCP, Cloudflare, ESxi, QR Codes, Salt Typhoon, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-495
S
Security Weekly Podcast Network (Audio)
In the security news: The train is leaving the station, or is it? The hypervisor will protect you, maybe The best thing about Flippers are the clones Also, the Flipper Zero as an interrogation tool Threats are commercial and open-source Who is still down with FTP? AI bug hunters Firmware for Russian drones Merging Android and ChromOS Protecting your assets with CVSS? Patch Citrixbleed 2 Rowhammer comes to NVIDIA GPUs I hear Microsoft hires Chinese spies Gigabyte motherboards and UEFI vulnerabilities McDonald's AI hiring bot: you want some PII with that? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-883…
S
Security Weekly Podcast Network (Audio)
1 Minimize SAP Migration Challenges, Cybersecurity Maturity, and Radical Transparency - Christopher Carter - BSW #404 58:31
58:31 Play Later Play Later Lists Like Liked58:31
Play Later Play Later Lists Like LikedAre you running SAP? The clock is ticking... Standard maintenance end-of-life is set for the end of 2027. Migration to S/4HANA must be completed by then (or 2030 if you buy into SAP’s special three-year reprieve). While that may appear to be enough time, companies currently working toward an S/4HANA transition are finding the journey challenging, and that's not including the security challenges. Chris Carter, CEO at Approyo, joins Business Security Weekly to discuss your SAP options, including: ERP Strategy: Stay with SAP or migrate to other solutions? S/4HANA Architecture: All cloud or cloud/on-premise? Security Challenges: Cloud vs. on-premise SAP Migration: Recommendations for success In the leadership and communications section, Where cybersecurity maturity meets confidence in C-suite and board leadership, Has CISO become the least desirable role in business?, How Radical Transparency Is Revolutionizing Leadership, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-404…
S
Security Weekly Podcast Network (Audio)
1 AI meltdowns, Gigabyte, NCSC, Rowhammer, Gravity Form, Grok, AsyncRat, Josh Marpet... - SWN #494 30:02
30:02 Play Later Play Later Lists Like Liked30:02
Play Later Play Later Lists Like LikedAI meltdowns, Gigabyte, NCSC, Rowhammer, Gravity Form, Grok, AsyncRat, Josh Marpet and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-494
S
Security Weekly Podcast Network (Audio)
1 Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339 1:07:50
1:07:50 Play Later Play Later Lists Like Liked1:07:50
Play Later Play Later Lists Like LikedWhat are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users. The better question is, "What do you want to secure?" We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties. Resources: https://cybersecurityframework.io https://owasp.org/www-project-cheat-sheets/ https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/ https://aflplus.plus/ https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-339…
S
Security Weekly Podcast Network (Audio)
1 Monzy Merza, How Much AI is Too Much, and the Weekly News - Monzy Merza - ESW #415 1:43:41
1:43:41 Play Later Play Later Lists Like Liked1:43:41
Play Later Play Later Lists Like LikedSegment 1: Interview with Monzy Merza - There is a Right and Wrong Way to use AI in the SOC In the rush to score AI funding dollars, a lot of startups build a basic wrapper around existing generative AI services like those offered by OpenAI and Anthropic. As a result, these services are expensive, and don't satisfy many security operations teams' privacy requirements. This is just the tip of the iceberg when discussing the challenges of using AI to aid the SOC. In this interview, we'll dive into the challenge of finding security vendors that care about security, the need for transparency in products, the evolving shared responsibility model, and other topics related to solving security operations challenges. Segment 2: Topic Segment - How much AI is too much AI? In the past few weeks, I've talked to several startup founders who are running into buyers that aren’t allowed to purchase their products, even though they want them and prefer them over the competition. Why? No AI and they’re not allowed to buy. Segment 3: News Segment Finally, in the enterprise security news, We cover the latest funding The Trustwave saga comes to a positive end Android 16 could help you evade law enforcement Microsoft is kicking 3rd party AV out of the kernel Giving AI some personality (and honesty) Log4shell canaries reveal password weirdness Denmark gives citizens copyright to their own faces to fight AI McDonald’s has an AI whoopsie Ingram Micro has a ransomware whoopsie Drama in the trailer lock industry All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-415…
S
Security Weekly Podcast Network (Audio)
1 Tapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet... - SWN #493 33:42
33:42 Play Later Play Later Lists Like Liked33:42
Play Later Play Later Lists Like LikedTapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-493
S
Security Weekly Podcast Network (Audio)
1 Citrixbleed 2, Hardware Hacking, and Failed Bans - PSW #882 2:06:05
2:06:05 Play Later Play Later Lists Like Liked2:06:05
Play Later Play Later Lists Like LikedThis week in the security news: Citrixbleed 2 and so many failures Ruckus leads the way on how not to handle vulnerabilities When you have no egress Applocker bypass So you bought earbuds from TikTok More gadgets and the crazy radio Cheap drones and android apps Best Mario Kart controller ever VSCode: You're forked Bluetooth earbuds and vulnerabilities Do you remember Sound blaster cards? NFC passport chips Whack-a-disk Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-882…
S
Security Weekly Podcast Network (Audio)
1 SolarWinds Settlement, Upgrade Your Leadership Instincts to Build Your Legacy - BSW #403 51:58
51:58 Play Later Play Later Lists Like Liked51:58
Play Later Play Later Lists Like LikedSEC settles with SolarWinds. We react! In the leadership and communications section, The Skills and Habits Aspiring CEOs Need to Build, Why People Really Quit — And How Great Managers Make Them Want to Stay, The Small Actions That Become Your Legacy, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-403…
S
Security Weekly Podcast Network (Audio)
1 Spying on your kids, Bank Robberies, Qantas, LOTL, sudo, Hunters, Aaran Leyland... - SWN #492 33:26
33:26 Play Later Play Later Lists Like Liked33:26
Play Later Play Later Lists Like LikedSpying on your kids, Bank Robberies, Qantas, LOTL, sudo, Hunters, Aaran Leyland, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-492
S
Security Weekly Podcast Network (Audio)
1 Checking in on the State of Appsec in 2025 - Janet Worthington, Sandy Carielli - ASW #338 1:07:15
1:07:15 Play Later Play Later Lists Like Liked1:07:15
Play Later Play Later Lists Like LikedAppsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code along side humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is expanding a new (but not very different) attack surface. We look at where orgs are investing in appsec, who appsec teams are collaborating with, and whether we need security awareness training for LLMs. Resources: https://www.forrester.com/blogs/application-security-2025-yes-ai-just-made-it-harder-to-do-this-right/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-338…
S
Security Weekly Podcast Network (Audio)
1 Identity, AI & Access: Highlights from Identiverse 2025 - Sagi Rodin, Ajay Amlani, Treb Ryan, Ajay Gupta, Artyom Poghosyan, Amir Ofek - ESW #414 1:49:38
1:49:38 Play Later Play Later Lists Like Liked1:49:38
Play Later Play Later Lists Like LikedSingle Sign On (SSO) and Multi Factor Authentication (MFA) is critical to secure operations for companies of all sizes. Why is the foundation of cybersecurity still locked behind enterprise licensing? Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are essential—not optional—for protecting modern businesses. But today, these critical tools are overpriced, overcomplicated, and reserved for companies that can afford to overpay and have full-time security teams. That’s broken. Cubeless is tearing down the barriers. With Cubeless Verify, we’re delivering SSO and MFA that anyone can use—no IT army required. No hidden fees. No contracts. No catch. Just enterprise-grade security made simple, and free forever. The gatekeepers had their turn. Now it’s yours. Go to https://securityweekly.com/cubelessidv to start using Cubeless Identity today. As AI agents move beyond experiments to becoming critical internal and market-facing enterprise products, secure, scalable identity infrastructure becomes essential to achieve market-readiness. A lack of identity standards tailored specifically for AI agents, is creating a roadblock for developers. Existing infrastructure was not designed with autonomous agents in mind. How will identity standards need to evolve in order to meet the needs of an agent driven ecosystem? https://frontegg.com/product/frontegg-ai This segment is sponsored by Frontegg. Visit https://securityweekly.com/fronteggidv to learn more about them! Traditional IGA tools struggle to deliver full observability—and stall when it’s time to take action. Axonius Identities is changing that—bringing actionability to identity governance by embedding it into the broader cyber asset platform. In this session, CEO of AxoniusX, Amir Ofek shares how Axonius is modernizing IGA with real-time enforcement, unified asset-to-identity context, and a radically different approach to controlling access across dynamic environments. https://www.axonius.com/products/identities Axonius Blog: From Roles to Rules – An Access Paradigm Shift: https://www.axonius.com/blog/from-roles-to-rules Axonius Cybersecurity Asset Management Platform Overview: https://www.axonius.com/platform See how Axonius makes identity actionable. Visit https://securityweekly.com/axoniusidv . As enterprises are looking to rapidly deploy AI agents to drive innovation, they face an urgent need to secure this new "digital workforce" without hindering speed. Traditional security models weren't built for the unique identity and access demands of autonomous AI. This session will cut through the hype, address the real security concerns head-on, and outline a modern, cloud-native framework for managing privileged access for AI agents, ensuring your organization can innovate fast and stay secure. https://www.britive.com/use-cases/agentic-ai-security https://www.britive.com/resource/events/zero-standing-privileges-human-ai-nhi https://www.britive.com/resource/blog/agentic-ai-redefining-identity-security-cloud https://www.britive.com/resource/blog/owasp-vulnerabilities-llm-goes-rogue-navigating-corporate-chaos https://www.britive.com/resource/blog/agent-to-agent-access-security https://www.britive.com/resource/blog/genai-data-privacy-ip-protection https://www.britive.com/resource/blog/rethinking-nhi-cloud-security-strategies This segment is sponsored by Britive. Visit https://securityweekly.com/britiveidv to learn more about Britive's agentless cloud-native Privileged Access Management platform. As digital transformation accelerates and advanced threats evolve, industries of all kinds face rising pressure to secure identities, prevent fraud, and deliver seamless user experiences. Aware CEO Ajay Amlani shares how biometric technology is stepping up to meet these challenges—providing fast, accurate, and scalable solutions that strengthen security while reducing friction. Discover how biometrics is reshaping the identity landscape and enabling trust in an increasingly complex world. https://www.aware.com/blog/ This segment is sponsored by Aware. Visit https://securityweekly.com/awareidv to learn more about them! As threat landscapes grow more complex and stakeholder expectations rise, organizations must reimagine their approach to cyber resilience and trust. This interview will explore how artificial intelligence is transforming cybersecurity—from identifying vulnerabilities in real time to automating response and aligning security initiatives with broader business goals. Join us for a forward-looking discussion on what it means to lead with AI, earn digital trust, and create a resilient enterprise that’s built to withstand tomorrow’s threats. This segment is sponsored by SDG. Visit https://securityweekly.com/sdgidv to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-414…
S
Security Weekly Podcast Network (Audio)
1 North Korea, ransomware, social engineering, AI, Apple, Drugs & Iran - SWN #491 28:50
28:50 Play Later Play Later Lists Like Liked28:50
Play Later Play Later Lists Like LikedNorth Korea, ransomware, social engineering, AI, Apple, Drugs & Iran on this edition of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-491
S
Security Weekly Podcast Network (Audio)
1 Exploring Meshtastic and LoRa Mesh Networks - Rob Allen - PSW #881 1:08:14
1:08:14 Play Later Play Later Lists Like Liked1:08:14
Play Later Play Later Lists Like LikedThis week, we dive into the world of Meshtastic and LoRa—two technologies empowering secure, long-range, and infrastructure-free communication. We'll talk about the origins of Meshtastic, how LoRa radio works, and why mesh networking is revolutionizing off-grid messaging for adventurers, hackers, emergency responders, and privacy advocates alike. We break down the available hardware, walk you through firmware installation, and share real-world use cases of LoRa to create decentralized, encrypted networks. Whether you’re a hacker, a prepper, or just curious about the future of resilient communication, this episode is packed with insights and practical tips you won’t want to miss! This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-881…
S
Security Weekly Podcast Network (Audio)
1 The Value of Zero Trust - Rob Allen - BSW #402 32:29
32:29 Play Later Play Later Lists Like Liked32:29
Play Later Play Later Lists Like LikedNew research estimates the value of Zero Trust. Using the Marsh McLennan Cyber Risk Intelligence Center’s proprietary cyber losses dataset from the past eight years, researchers estimated that overall cyber losses could have been potentially reduced by up to 31% had the organizations widely deployed zero-trust security. This adds up to a projected reduction of up to $465 billion in global annual total economic losses. But Zero Trust projects have struggled due to complexity. Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss the simplicity of Zero Trust Endpoint Protection and how it can drive value. Rob will discuss how the ThreatLocker® Zero Trust Endpoint Protection Platform offers a unified approach to protecting users, devices, and networks with ease of deployment and management. Zero Trust doesn't have to be complex. This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-402…
S
Security Weekly Podcast Network (Audio)
1 Sony, Scattered Spider, Hikvision, Cybercrime, Iran, BSODs, Cloudflare, Josh Marpet.. - SWN #490 31:11
31:11 Play Later Play Later Lists Like Liked31:11
Play Later Play Later Lists Like LikedSony, Scattered Spider, Hikvision, Cybercrime, Iran, BSODs, Cloudflare, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-490
S
Security Weekly Podcast Network (Audio)
1 Simple Patterns for Complex Secure Code Reviews - Louis Nyffenegger - ASW #337 38:26
38:26 Play Later Play Later Lists Like Liked38:26
Play Later Play Later Lists Like LikedManual secure code reviews can be tedious and time intensive if you're just going through checklists. There's plenty of room for linters and compilers and all the grep-like tools to find flaws. Louis Nyffenegger describes the steps of a successful code review process. It's a process that starts with understanding code, which can even benefit from an LLM assistant, and then applies that understanding to a search for developer patterns that lead to common mistakes like mishandling data, not enforcing a control flow, or not defending against unexpected application states. He explains how finding those kinds of more impactful bugs are rewarding for the reviewer and valuable to the code owner. It involves reading a lot of code, but Louis offers tips on how to keep notes, keep an app's context in mind, and keep code secure. Segment Resources: https://pentesterlab.com/live-training/ https://pentesterlab.com/appsecschool https://deepwiki.com https://daniel.haxx.se/blog/2025/05/29/decomplexification/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-337…
S
Security Weekly Podcast Network (Audio)
1 The Illusion of Control: Shadow IT, SSO Shortcomings, and the True Path to Security - Dave Lewis - ESW #413 1:52:05
1:52:05 Play Later Play Later Lists Like Liked1:52:05
Play Later Play Later Lists Like LikedInterview with Dave Lewis Organizations believe they have a firm grip on security with SSO and corporate IT policies, but in reality, shadow IT lurks in the background—expanding attack surfaces and exposing sensitive data. Employees bypass security controls for the sake of convenience, while SSO fails to provide the comprehensive security net organizations expect. Talk about the critical weaknesses in traditional SSO implementations, how shadow IT thrives under the radar, and why enterprises continue to experience data breaches despite security investments. Can cover real-world examples of security failures, highlight the role of human behavior in risk, and provide actionable strategies to regain control over enterprise security. This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more about them! Topic Segment: Is AI taking our jerbs or not? I listened to most of a debate between Marcus Hutchins and Daniel Miessler over whether generative AI will be good enough to replace a lot of jobs (Daniel's take), or so bad that it won't take any (Marcus's take). I got frustrated though, because I feel like some foundational assumptions were ignored, and not enough examples were shared or prepared. Assumption #1: Jobs exist because work needs to be done. This is a false assumption. Check out a book called "Bullshit Jobs" to go down this particular rabbit hole. Assumption #2: The primary task of a job is the job. This is rarely the case, unless you work in the service industry. How much of a developer's job is writing code? A lot less than you think. Employees spend a massive amount of time communicating with other employees, via meetings, emails, Slack chats - can AI replace this? Maybe all that communication is wasteful and inefficient? Could be, but for every job AI supposedly replaces, it becomes someone else's job to manage that AI agent. Does all of middle management become expert prompt engineers, or do they also disappear with no employees to manage? Assumption #3: Jobs aren't already being replaced. They are, they're just not terribly visible jobs. That contractor your marketing team was using to build blog/SEO content? He's probably gone. The in-house or contract graphic designer? Probably gone. There's a whole swath of jobs out there, where quality isn't very important, but work needs to be produced, and those jobs are being actively replaced with generative AI. With that said, I don't see any full time jobs that require quality work and a lot of communication with other employees getting replaced. Yet? Ever? That's the question. The Enterprise News In this week's enterprise security news, Not much interesting funding to discuss Securonix acquires ThreatQuotient Cellebrite acquires Corellium (that sounds a lot like a rock bought a stone or a gem or something) Yet another free vulnerability database ChatGPT can now clandestinely record meetings Threat detection resources a VERY expensive Zoom call (for the victim) Should we stop using SOC2s? Should we give up on least privilege? How much did it cost to change HBO to HBO Max, then to Max, then back to HBO Max? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-413…
S
Security Weekly Podcast Network (Audio)
1 Broadcom, Direct Send, N0auth, UNFI, Cisco, Oneclik, Russ Beauchemin, and more... - SWN #489 31:28
31:28 Play Later Play Later Lists Like Liked31:28
Play Later Play Later Lists Like LikedBroadcom is coming for you, Direct Send, N0auth, UNFI, Cisco, Oneclik, Russ Beauchemin, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-489
S
Security Weekly Podcast Network (Audio)
1 Is Vuln Management Dead? - HD Moore - PSW #880 2:16:08
2:16:08 Play Later Play Later Lists Like Liked2:16:08
Play Later Play Later Lists Like LikedThis conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integration of open source tools in enhancing security measures. The conversation delves into various aspects of cybersecurity, focusing on aircraft tracking, data filtering, the evolution of vulnerability management, and the role of AI in enhancing security measures. The speakers discuss the challenges posed by default credentials and the shared responsibility model in cloud infrastructure. They also explore the limitations of AI in cybersecurity and the potential for future advancements, particularly in localized LLMs. The conversation delves into the intersection of technology, cybersecurity, and privacy, exploring the implications of AI on energy demands, vulnerabilities in telecom infrastructure, the complexities of network maintenance, and the challenges of ransomware negotiations. The discussion also touches on privacy concerns related to data tracking by major tech companies like Meta and Apple, as well as the evolving landscape of legal implications in the face of cyber threats. This segment is sponsored by runZero. Get complete visibility across your total attack surface in literally minutes - no agents, no authentication required. Start a free trial or access the free Community Edition at https://securityweekly.com/runzero . HD Moore joins us to discuss finding all the things and how vulnerability management has changed. In the security news: Hacking from a light bulb Reverse engineering, the easy ways Detecting Jitter FCC probes into Cyber Trust Mark Bluetooth Jamming New Wifi Apple features: What could go wrong? Just turn off the Internet for the entire country Meta's Localhost tracking Hacking printers, for realz this time Are we not patching 2023 CVEs? Cleaning up legacy drivers One of the Best Hackers in the Country is an AI Bot Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-880…
S
Security Weekly Podcast Network (Audio)
1 Thriving Through Volatility: Insights for CISOs - Jeff Pollard, Pejman (Pej) Roshan, Deepen Desai - BSW #401 1:05:24
1:05:24 Play Later Play Later Lists Like Liked1:05:24
Play Later Play Later Lists Like LikedIn this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The conversation also covers the significance of communicating security needs in terms of compliance and customer requirements, maximizing budget through flex spending, and the role of automation and AI in enhancing security operations. Additionally, they highlight the need for effective data management to reduce costs and improve efficiency. In pre-recorded interviews from RSAC, learn the following! With the power of zero trust and AI, Zscaler help organizations strengthen and automate IT and security, reduce costs, and minimize complexity. Zscaler helps reduce the attack surface, block threats via full TLS inspection, and eliminate lateral threat movement. This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them! The modern workspace, increasingly reliant on cloud-based applications, browser-first access, and AI integration, faces significant security challenges that outpace the capabilities of traditional tools. Legacy solutions, including VPNs and even early ZTNA implementations, are proving vulnerable to sophisticated attacks leading to data breaches and operational disruptions. The fundamental shift in how we work demands a new approach, one that closes the gaps left by the platform approach. We need the ability to 'trust nothing and click on anything with zero risk.' We need to take zero trust beyond the network that we operate and control. Future of Browser Security Webinar with Google: https://www.menlosecurity.com/resources/2025-prediction-the-future-of-browser-security-lessons-from-the-pioneers Browser security report: https://www.menlosecurity.com/resources/state-of-browser-security-report Global Cyber Gangs report: https://www.menlosecurity.com/resources/global-cyber-gangs-supported-and-sheltered-by-state-sponsors-and-getting-smarter-every-day-report Everywhere Access White Paper: https://www.menlosecurity.com/resources/everywhere-access-the-zero-trust-revolution-for-hybrid-work-white-paper This segment is sponsored by Menlo Security. Visit https://securityweekly.com/menlorsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-401…
S
Security Weekly Podcast Network (Audio)
1 The Rise of Malware: Salt Typhoon and Spark Kitty - SWN #488 35:37
35:37 Play Later Play Later Lists Like Liked35:37
Play Later Play Later Lists Like LikedIn this episode of Security Weekly News, Doug White discusses various cybersecurity threats, including the Salt Typhoon and Spark Kitty malware, the implications of Microsoft's decision to drop support for old hardware drivers, and the potential increase in cyber threats from Iran. The conversation also covers the alarming 16 billion password leak and the evolving landscape of password security, including the rise of passkeys and the challenges posed by AI in misinformation and social engineering. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-488…
S
Security Weekly Podcast Network (Audio)
1 How Fuzzing Barcodes Raises the Bar for Secure Code - Artur Cygan - ASW #336 1:01:18
1:01:18 Play Later Play Later Lists Like Liked1:01:18
Play Later Play Later Lists Like LikedFuzzing has been one of the most successful ways to improve software quality. And it demonstrates how improving software quality improves security. Artur Cygan shares his experience in building and applying fuzzers to barcode scanners, smart contracts, and just about any code you can imagine. We go through the useful relationship between unit tests and fuzzing coverage, nudging fuzzers into deeper code paths, and how LLMs can help guide a fuzzer into using better inputs for its testing. Resources https://blog.trailofbits.com/2024/10/31/fuzzing-between-the-lines-in-popular-barcode-software/ https://github.com/crytic/echidna https://github.com/crytic/medusa https://lcamtuf.blogspot.com/2014/11/pulling-jpegs-out-of-thin-air.html Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-336…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Daily Deals
Similar to Security Weekly Podcast Network (Audio)
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
