Where security veterans unpack the latest IT security news, vulnerabilities, and research through a historical and technical lens that can cut through even the thickest cigar smoke. Hosted by Paul Asadoorian and Larry Pesce. Co-hosts: Josh Marpet, Jeff Man, Mandy Logan, Tyler Robinson.
…
continue reading
Securitypodcast
Want to learn about all of the latest security tools and techniques? This is the show for you! We show you how to install, configure and use a wide variety of security tools for both offense and defense. Whether you are a penetration tester or defending enterprise networks, this show will help you!
…
continue reading
We’ll take you inside the world of security and share first-hand expertise from our industry professionals. Join us as we dive into everything security and explore the journeys of those who go above and beyond to make our world a safer and friendlier place.
…
continue reading
1
Hacking Washing Machines - PSW #885
1:58:07
1:58:07
Play later
Play later
Lists
Like
Liked
1:58:07
In the security news: Hacking washing machines, good clean fun! Hacking cars via Bluetooth More Bluetooth hacking with Breaktooth Making old vulnerabilities great again: exploiting abandoned hardware Clorox and Cognizant point fingers AI generated Linux malware Attacking Russian airports When user verification data leaks Turns out you CAN steal car…
…
continue reading
1
Protecting G-Suite/MS365 and Security News - Abhishek Agrawal - PSW #884
2:11:14
2:11:14
Play later
Play later
Lists
Like
Liked
2:11:14
We chat with Material Security about protecting G Suite and MS365. How else are you monitoring the most commonly used cloud environments and applications? In the security news: Google Sues Badbox operators Authenticated or Unauthenticated, big difference and my struggle to get LLMs to create exploits for me Ring cameras that were not hacked Malicou…
…
continue reading
In the security news: The train is leaving the station, or is it? The hypervisor will protect you, maybe The best thing about Flippers are the clones Also, the Flipper Zero as an interrogation tool Threats are commercial and open-source Who is still down with FTP? AI bug hunters Firmware for Russian drones Merging Android and ChromOS Protecting you…
…
continue reading
1
Citrixbleed 2, Hardware Hacking, and Failed Bans - PSW #882
2:06:05
2:06:05
Play later
Play later
Lists
Like
Liked
2:06:05
This week in the security news: Citrixbleed 2 and so many failures Ruckus leads the way on how not to handle vulnerabilities When you have no egress Applocker bypass So you bought earbuds from TikTok More gadgets and the crazy radio Cheap drones and android apps Best Mario Kart controller ever VSCode: You're forked Bluetooth earbuds and vulnerabili…
…
continue reading
1
Exploring Meshtastic and LoRa Mesh Networks - Rob Allen - PSW #881
1:08:14
1:08:14
Play later
Play later
Lists
Like
Liked
1:08:14
This week, we dive into the world of Meshtastic and LoRa—two technologies empowering secure, long-range, and infrastructure-free communication. We'll talk about the origins of Meshtastic, how LoRa radio works, and why mesh networking is revolutionizing off-grid messaging for adventurers, hackers, emergency responders, and privacy advocates alike. W…
…
continue reading
1
Is Vuln Management Dead? - HD Moore - PSW #880
2:16:08
2:16:08
Play later
Play later
Lists
Like
Liked
2:16:08
This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integrati…
…
continue reading
This week: * The true details around Salt Typhoon are still unknown * The search for a portable pen testing device * Directories named "hacker2" are suspicious * Can a $24 cable compete with a $180 cable? * Hacking Tesla wall chargers * Old Zyxel exploits are new again * Hacking Asus drivers * Stealing KIAs - but not like you may think * Fake artic…
…
continue reading
1
UEFI Vulnerabilities Galore - PSW #878
2:10:48
2:10:48
Play later
Play later
Lists
Like
Liked
2:10:48
This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor namin…
…
continue reading
1
Updating & Protecting Linux Systems - PSW #877
1:05:23
1:05:23
Play later
Play later
Lists
Like
Liked
1:05:23
Two parts to this episode: Tech Segment: Updating Linux Systems - Beyond apt-get upgrade * Custom scripts for ensuring your Linux systems are up-to-date * topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions Discussion Topic: Anti-Malware and/or EDR on Linux Platforms * PCI calls for scanning Linux systems *…
…
continue reading
In the security news: Vicious Trap - The malware hiding in your router Hacking your car WSL is open-source, but why? Using AI to find vulnerabilities - a case study Why you should not build your own password manager The inside scoop behind Lumma Infostealer Hacking a smart grill Hardcoded credentials on end of life routers and "Alphanetworks" SIM s…
…
continue reading
1
Malware Laced Printer Drivers - PSW #875
2:01:59
2:01:59
Play later
Play later
Lists
Like
Liked
2:01:59
This week in the security news: Malware-laced printer drivers Unicode steganography Rhode Island may sue Deloitte for breach. They may even win. Japan's active cyber defense law Stop with the ping LLMs replace Stack Overflow - ya don't say? Aggravated identity theft is aggravating Ivanti DSM and why you shouldn't use it EDR is still playing cat and…
…
continue reading
This week in the security news: Android catches up to iOS with its own lockdown mode Just in case, there is a new CVE foundation Branch privilege injection attacks My screen is vulnerable The return of embedded devices to take over the world - 15 years later Attackers are going after MagicINFO Hacking Starlink Mitel SIP phones can be hacked Reversi…
…
continue reading
Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun Some magic info on MagicINFO Vulnerability Management Zombies There is a backdoor in your e-commerce Airborne: vulnerabilities in AirPlay Bring your own installer - crafty EDR bypass The Signal clone used by US government officials: shocker…
…
continue reading
1
AI Tips, Tricks, and Traps! - PSW #872
1:37:21
1:37:21
Play later
Play later
Lists
Like
Liked
1:37:21
The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: AI has rapidly shifted from novelty to an essential tool in security and other fields. Paid AI versions offer …
…
continue reading
1
Hacking Crosswalks and Attacking Boilers - PSW #871
2:04:15
2:04:15
Play later
Play later
Lists
Like
Liked
2:04:15
The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin…
…
continue reading
1
Govt Unravelling, AI Hijinx, Bot Chaos, Recall, Oracle, Slopesquatting, Tycoon 2FA... - PSW #870
2:06:35
2:06:35
Play later
Play later
Lists
Like
Liked
2:06:35
Govt Unravelling, AI Hijinx, Bot Chaos, Recall, Oracle, Slopesquatting, Tycoon 2FA, College, who knows, a lot more... On Paul's Security Weekly. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-870
…
continue reading
In the security news this week: You should really just patch things, the NVD backlog, Android phones with malware pre-installed, so convenient, keyloggers and a creepy pharmacist, snooping on federal workers, someone stole your browser history, NSA director fired, deputy director of NSA also fired, CrushFTP the saga continues, only steal the valid …
…
continue reading
1
Not-So-Secure Boot - Rob Allen - PSW #868
2:12:35
2:12:35
Play later
Play later
Lists
Like
Liked
2:12:35
Rob Allen, Chief Product Officer at Threatlocker joins us for an interview segment on using AI in security products: What works and what's not fully baked! Then in the security news, There are more holes in your boot...loader according to Microsoft, related: Secure Boot is in danger and no one is really talking about it (still), Dear Microsoft: I d…
…
continue reading
1
SignalGate and How Not To Protect Secrets - PSW #867
2:07:11
2:07:11
Play later
Play later
Lists
Like
Liked
2:07:11
How do we handle scope creep for vulnerabilities?, find the bugs before it hits the real world, risk or hype vulnerabilities, RTL-SDR in a browser, using AI to hack AI and protect AI, 73 vulnerabilities of which 0 patches have been issued, Spinning Cats, bypassing WDAC with Teams and JavaScript, Rust will solve all the security problems, did you he…
…
continue reading
1
Ep. 38: The evolution of the security industry and what client’s look for in a provider
28:19
28:19
Play later
Play later
Lists
Like
Liked
28:19
This month's guest is Kelvin Ng, Director of Business Operations for Global Relay. Kelvin has over 30 years experience in executive management and project leadership - but it all started in the security industry. Kelvin has carried that knowledge and experience throughout his career and leaned on it both during tough times and opportunities for gro…
…
continue reading
This week: Compliance, localization, blah blah, the Greatest Cybersecurity Myth Ever Told, trolling Microsoft with a video, Github actions give birth to a supply chain attack, prioritizing security research, I'm tired of 0-Days that are not 0-Days, sticking your head in the sand and believing everything is fine, I'm excited about AI crawlers, but s…
…
continue reading
1
AI Is Oversharing and Leaking Data - Sounil Yu - PSW #865
2:07:50
2:07:50
Play later
Play later
Lists
Like
Liked
2:07:50
Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user’s need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the orga…
…
continue reading
Hacking your mattress, Taylor Swift all the time, DNS sinkholes, throwing parties at rental properties, detect jamming, it took 18 years to hack, airtag hacks, undetectable weapons, RIP Skype, Cellebrite targets, upgrade ALL the things, Kali, Raspberry PIs, and M.2 hats, pirating music through a supply chain attack, Cisco small business and why you…
…
continue reading
1
Zero Days Are Not Just Fiction - PSW #863
1:49:19
1:49:19
Play later
Play later
Lists
Like
Liked
1:49:19
Apple, the UK, and data protection, you can get pwned really fast, Australia says no Kaspersky for you!, the default password is on the Internet, topological qubits, dangerous AI tools, old software is not just old but vulnerable too, tearing down Sonic Walls, CWE is good but could be great, updating your pi-hole, should you watch "Zero Day"? my no…
…
continue reading
Our thoughts on Zero Trust World, and just a little bit of news. Of course we covered some firmware and UEFI without Paul! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-862
…
continue reading
1
Prompt Injection, CISA, Patch Tuesday - PSW #861
2:05:09
2:05:09
Play later
Play later
Lists
Like
Liked
2:05:09
You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, patche Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, s…
…
continue reading
