Paul's Security Weekly (Video)
1,061 episodes - English - Latest episode: 14 days ago - ★★★★★ - 2 ratingsIf you're looking for a bunch of us security nerds to get together and talk shop, then Paul’s Security Weekly is for you. This show features interviews with folks in the security community; technical segments, which are just that, very technical; and security news, which is an open discussion forum for the hosts to express their opinions about the latest security headlines, breaches, new exploits and vulnerabilities, “not” politics, “cyber” policies and more. The topics vary greatly and the atmosphere is relaxed and very conversational. This is a longer show, typically 2+ hours, for those with a long commute.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Why Is Your TV & NAS On The Internet? - PSW #824
April 11, 2024 21:00 - 1 hour - 526 MB VideoAhoi new VM attacks ahead! HTTP/2 floods, USB Hid and run, forwarded email tricks, attackers be scanning, a bunch of nerds write software and give it away for free, your TV is on the Internet, Rust library issue, D-Link strikes again, EV charging station vulnerabilities, and rendering all cybersecurity useless. Show Notes: https://securityweekly.com/psw-824
Digging Into Supply Chain Security - James McMurry - PSW #824
April 11, 2024 18:02 - 1 hour - 288 MB VideoJim joins the Security Weekly crew to discuss all things supply chain! Given the recent events with XZ we still have many topics to explore, especially when it comes to practical advice surrounding supply chain threats. Show Notes: https://securityweekly.com/psw-824
It's A Minifilter! - PSW #823
April 04, 2024 21:00 - 1 hour - 485 MB VideopfSense switches to Linux (April Fools?), Flipper panic in Oz, Tales from the Krypt, Funding to secure the Internet, Abusing SSH on Windows, Blinding EDR, more hotel hacking, Quantum Bleed, and more! Show Notes: https://securityweekly.com/psw-823
XZ - Backdoors and The Fragile Supply Chain - PSW #823
April 04, 2024 16:08 - 1 hour - 291 MB VideoAs most of you have probably heard there was a scary supply chain attack against the open source compression software called "xz". The security weekly hosts will break down all the details and provide valuable insights. https://blog.qualys.com/vulnerabilities-threat-research/2024/03/29/xz-utils-sshd-backdoor https://gynvael.coldwind.pl/?id=782 https://isc.sans.edu/diary/The+xzutils+backdoor+in+security+advisories+by+national+CSIRTs/30800 https://lcamtuf.substack.com/p/technologist-...
Crypto, Bluetooth Vulns, Unsafe Locks - PSW #822
March 28, 2024 21:00 - 1 hour - 521 MB VideoThe PSW crew discusses some crypto topics, such as post-quantum and GoFetch, new Flipper Zero projects, RFID hacking and hotel locks, BlueDucky, side channel attacks and more! Show Notes: https://securityweekly.com/psw-822
Are we winning? - Jason Healey - PSW #822
March 28, 2024 16:33 - 1 hour - 294 MB VideoJason Healey comes on the show to discuss new ideas on whether the new national cybersecurity strategy is working. Segment Resources: DEFRAG Hacker Film Festival short documentary (https://youtu.be/NYvHWcQsIRE) on hackers and their favorite films. For educational purposes only, as we don’t have the rights to the clips. YouTube link to Wargames event with Jen Easterly, Matt Devost, Amelia Koran and Kevin Huyck (head of ops for NORAD) (https://youtu.be/iqx6STDYJ7c?si=73WQtSG4RnCGsBcT). ...
A Dive into Vulnerabilities and Compliance - PSW #821
March 21, 2024 21:00 - 1 hour - 513 MB VideoWe discuss the always controversial Flipper Zero devices the hidden risks in the undersea cables, and the landscape of government oversight, revealing the intricacies of CVE, KEV, and NVD systems that are the linchpins of our digital safety. The conversation takes a turn to the practicalities of risk management and the impact of individuals on the industry, like Daniel from the curl project, striking a chord with the significance of cybersecurity vulnerabilities compared to environmental pol...
Securing All The Things - Josh Corman - PSW #821
March 21, 2024 15:46 - 1 hour - 304 MB VideoJosh Corman joins us to explore how we can make things more secure, making companies make things more secure, and making regulations that make us make things more secure! We will also touch on supply chain security and the state of vulnerability tracking and scoring. Show Notes: https://securityweekly.com/psw-821
Printers Are "Not Nice" - PSW #820
March 14, 2024 21:00 - 1 hour - 511 MB VideoIn the security News end of life routers and exploits, SCCM mis-configurations lead to compromise, apparently you can hack anything with a Flipper Zero, do source code leaks matter?, visibility is important, printer vulnerabilities that no one cares about, friendship gets you firmware, lock hacking continues, VM escapes and risk, and multiple really cool Bluetooth hacking stories. Show Notes: https://securityweekly.com/psw-820
Memory Safety, Re-Writing Software, and OSS Supply Chains - Omkhar Arasaratnam - PSW #820
March 14, 2024 16:45 - 52 minutes - 227 MB VideoOmkhar Arasaratnam is the General Manager of the Open Source Software Foundation (OpenSSF) and appears on the show to discuss memory safety, why re-writing software isn't always the best option, open-source software supply chains, and more! Segment Resources: https://openssf.org/blog/2024/02/26/openssf-supports-efforts-to-build-more-secure-and-measurable-software/ https://www.whitehouse.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf Show Notes: https://securityweekly....
DCNextGen, Memory Safety And More! - PSW #819
March 07, 2024 22:00 - 2 hours - 524 MB VideoBiaSciLab from DEF CON joins us to discuss DCNextGen! In the security News: MouseJacking still works, CISA recommends a complete rebuild, memory safety and re-writing code, not all doorbells are created equal, putting a firewall in front of your LLM, rugged gear and vulnerabilities, PLCs are not safe, neither are Windows kernels.. Segment Resources: https://www.defcon.kids https://www.BiaSciLab.com https://www.GirlsWhoHack.com https://www.SecureOpenVote.com Show Notes: https://securitywe...
Facing the Reality of Risk Prioritization - Dan DeCloss - PSW #819
March 07, 2024 16:51 - 1 hour - 280 MB VideoPublic information about exploits and vulnerabilities alone is not enough to inform prioritization, especially with the growing rate and variety of CVEs. Dan DeCloss, founder and CTO of PlexTrac, joins the show to discuss solving the challenges of risk prioritization to drive faster, more strategic assessment cycles. Spoiler: The key is adding context and prioritization to risk-scoring equations. Segment Resources: https://plextrac.com/get-ready-to-prioritize-risk-with-our-new-contextual-...
Malware In Strange Places, Overheating, LockBit - PSW #818
February 29, 2024 22:00 - 1 hour - 448 MB VideoThe latest attacks against WiFi, its illegal to break encryption, BLE Padlocks are as secure as you think, when command not found attacks, how did your vibrator get infected...with malware, the OT jackpot, the backdoor in a random CSRF library, it’s a vulnerability but there is no CVE, car theft and Canada, Glubteba, and settings things on fire! Show Notes: https://securityweekly.com/psw-818
Social Engineering: AI & Living Off The Land - Jayson E. Street - PSW #818
February 29, 2024 17:38 - 1 hour - 321 MB VideoJayson joins us to discuss how he is using, and social engineering, AI to help with his security engagements. We also talk about the low-tech tools he employs to get the job done, some tech tools that are in play, and the most important part of any security testing: Talking to people, creating awareness, and great reporting. Show Notes: https://securityweekly.com/psw-818
Illuminating Cybersecurity Wisdom: Insights from a Thought Leader - Wendy Nather - PSW Vault
February 21, 2024 23:00 - 1 hour - 298 MB VideoJoin us in this illuminating podcast episode as we sit down with Wendy Nather, a distinguished thought leader and cybersecurity strategist, who has left an indelible mark on the ever-evolving landscape of digital security. Wendy's journey in cybersecurity is a narrative woven with expertise, innovation, and a deep understanding of the intersection between technology and risk. With a career that spans strategic roles in both the public and private sectors, Wendy has become a trusted voice i...
Navigating the Cybersecurity Frontier: Insights from a Seasoned Professional - Toby Miller - PSW #817
February 15, 2024 02:00 - 1 hour - 260 MB VideoWelcome to a riveting episode of Hacker Heroes, where we sit down with Toby Miller, a distinguished figure in the realm of cybersecurity. Toby brings a wealth of experience and a passion for fortifying digital landscapes against ever-evolving threats. Armed with a profound understanding of cybersecurity intricacies, Toby has spent years honing his skills in the field. As a seasoned professional, he has not only weathered the storms of the digital frontier but has emerged as a beacon of kno...
Panel: Physical Security and Social Engineering - PSW #817
February 15, 2024 00:00 - 1 hour - 273 MB VideoIn this segment, we discuss topics related to physical security and social engineering. We also touch on the challenges and strategies for implementing effective security measures. The discussion highlights the importance of understanding the relationship between physical security and social engineering. The panel emphasizes the need for a comprehensive approach to security, acknowledging that social engineering and physical security often go hand in hand. We stress the significance of testi...
Shim Shady and Algorithm Lovers - PSW #816
February 09, 2024 15:55 - 1 hour - 511 MB VideoIn the Security News: - Shim Shady, Up Shims Creek, whatever you want to call it, there’s a vulnerability affecting pretty much all Linux distributions (and other operating systems as well), when your toothbrush attacks the Internet, or some claim, glibc has some vulnerabilities, not all got a CVE, and one is for the algorithm lovers, Google shows some love for Rust, beating Bitlocker in 43 seconds, DEF CON was canceled, then uncancelled, and I’m not even joking this time, and the Government...
You Can’t Defend What You Can’t Define - Sergey Bratus - PSW #816
February 08, 2024 22:25 - 1 hour - 278 MB VideoAs a computer-smitten middle-schooler in the former Soviet Union in the 1970s, to his current and prominent role in the cybersecurity research community, Bratus aims to render the increasingly prevalent and perilous software, hardware, and networks in our lives much safer to use. His fascination with computer security started for real in the 1990s as a mathematics graduate student when a computer he was programming and responsible for at Northeastern University in Boston was taken over by a ...
Identifying Bad By Defining Good - Danny Jenkins - PSW #815
February 01, 2024 10:00 - 54 minutes - 251 MB VideoDanny Jenkins, CEO & Co-Founder of ThreatLocker, a cybersecurity firm providing Zero Trust endpoint security, is a leading cybersecurity expert with over two decades of experience building and securing corporate networks, including roles on red and blue teams. He is dedicated to educating industry professionals about the latest cyber threats and frequently speaks on the topics of ransomware and Zero Trust. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlo...
CVE, CVSS, EPSS Falls Short - PSW #815
February 01, 2024 04:49 - 2 hours - 535 MB VideoWhen an RCE really isn’t, your kernel is vulnerable, calling all Windows 3.11 experts, back to Ebay, Turkish websites and credentials, 10 public exploits for the same vulnerability, hacking Bitcoin ATMs, another vulnerability disclosure timeline gone wrong, Flipper Zero tips and how you should not use it to change traffic lights, Windows 11 S mode, and you’re dead (but like in the movie Hackers dead), and more! Show Notes: https://securityweekly.com/psw-815
MS Breach, printers, Android hacking - PSW #814
January 25, 2024 17:30 - 2 hours - 609 MB VideoIn the Security News: Don’t expose your supercomputer, auth bypass and command injection FTW, just patch it, using OSQuery against you, massive credential stuffing, backdoors in Harmony, looking at Android, so basically I am licensing my printer, hacking Tesla, injecting keystrokes over Bluetooth, and remembering the work of David L. Mills. Show Notes: https://securityweekly.com/psw-814
What Smart CISOs and Mature Orgs Get That Others Don’t About Cyber Compliance - Matt Coose - PSW #814
January 25, 2024 01:00 - 1 hour - 290 MB VideoMatt Coose is the founder and CEO of cybersecurity compliance firm Qmulos, previously the director of Federal Network Security for the National Cyber Security Division of the (DHS). CISOs carry the ultimate burden and weight of compliance and reporting and are often the last buck. Says Coose, best-of-breed is better described as best-to-bleed-the-budget: it’s a bottom-up, tech-first, reactive approach for acquiring technology as opposed to managing risk. Coose shares his top considerations...
Bigpanzi, PixieFAIL, Dark Xmas - PSW #813
January 18, 2024 17:18 - 1 hour - 506 MB VideoIn the Security News: Bricked Xmas, If you can hack a wrench, PixieFail and disclosure woes, exposing Bigpanzi (more Android supply chain issues, 20 years of OpenWRT, Jamming, traffic lights, and batteries don’t work that well in the extreme cold. All that and more on this episode of Paul’s Security Weekly! Show Notes: https://securityweekly.com/psw-813
K-12 Cybersecurity - Brian Stephens - PSW #813
January 18, 2024 11:10 - 1 hour - 282 MB VideoWith a recent increase in government attention on K–12 cybersecurity, there is a pressing need to shed light on the challenges school districts face in implementing necessary security measures. Why? Budgeting constraints pose significant obstacles in meeting recommended cybersecurity standards. Brian Stephens of Funds For Learning will discuss: The financial constraints K–12 schools face and the critical role of funding from federal and state governments in addressing cybersecurity concerns...
We're Old Now - PSW #812
January 11, 2024 17:02 - 1 hour - 492 MB VideoThe Exploit Prediction Scoring System is Awesome, or so some say, Reflections on InfoSec, Why some people don’t trust science, SSH-Snake, Back in the Driver’s seat, I Hacked My Internet Service Provider, States & Congress wrestle with cybersecurity, Combining AI with human brain cells, analyzing linux-firmware, detecting BLE SPAM, and The I in LLM. Show Notes: https://securityweekly.com/psw-812
The Evolution of Purple Teaming - Jared Atkinson - PSW #812
January 11, 2024 14:38 - 1 hour - 301 MB VideoJared would like to discuss the evolution of purple teaming. Put bluntly, he believes traditional purple team approaches don’t test enough variations of attack techniques, delivering a false sense of detection coverage. He would like to talk about: The shortcomings of red team assessments and why most purple team assessments are too limited. How the testing landscape and requirements have changed (especially as organizations now look to validate vendor tools defense claims). How purple team ...
Hacker Heroes - Casey Ellis - PSW Vault
January 03, 2024 21:00 - 1 hour - 352 MB VideoUnleashing the Power of Crowdsourced Cybersecurity: A Conversation with Casey Ellis, Founder of Bugcrowd ️Meet Casey Ellis, the visionary entrepreneur who has redefined the landscape of cybersecurity through the groundbreaking platform he built – Bugcrowd. As the Founder and Chief Technology Officer of Bugcrowd, Casey Ellis has not only revolutionized the way organizations approach cybersecurity but has also championed the concept of crowdsourced security testing. With an innate passion ...
Interview with Dr. Whitfield Diffie - PSW Vault
December 27, 2023 21:00 - 43 minutes - 200 MB VideoDr. Diffie is a pioneer of public-key cryptography and was VP of Information Security and Cryptography at ICANN. He is author of "Privacy on the Line: The Politics of Wiretapping and Encryption". Show Notes: https://securityweekly.com/vault-psw-6
Learning About Firmware Security - Xeno Kovah - PSW #811
December 21, 2023 10:00 - 1 hour - 279 MB VideoFirmware security is a deeply technical topic that's hard to get started in. In this episode of Below the Surface, Xeno will discuss some past work in firmware security, and how he has organized resources such as a low level timeline (with over 300 talks), and free MOOC classes, to help teach people about firmware security. Segment Resources: https://ost2.fyi https://darkmentor.com/timeline.html This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn m...
Supply Chain - PSW #811
December 20, 2023 23:00 - 53 minutes - 243 MB VideoAI generated description fun: "As the glasses are filled and the mood lightens, our veteran guests, each with a legendary tale or two tucked under their virtual belts, embark on a journey through the complex landscape of supply chain security. These old dogs share war stories, anecdotes, and hard-earned wisdom about the evolving challenges and threats that have shaped their illustrious careers. From the early days of computing to the present era of interconnected systems, our panelists delve...
LogoFAIL, Default Passwords and Android Hacking - PSW #810
December 14, 2023 18:08 - 1 hour - 527 MB VideoAnalyzing firmware with EMBA, TinyXML, and the ugly supply chain, ignoring vulnerabilities that allow attackers to turn off your vehicle, Android lock screen bypass and running water, LogoFAIL updates, and the confusing severity, you still haven’t patched Log4Shell, the password is 123456, and an amazing Bluetooth hack that affects you! Show Notes: https://securityweekly.com/psw-810
Embracing AI - Alex Sharpe - PSW #810
December 14, 2023 00:43 - 1 hour - 287 MB VideoMr. Sharpe is a long-time (+30 years) Cybersecurity, Governance, and Digital Transformation expert with real-world operational experience. Mr. Sharpe has run business units and has influenced national policy. He has spent much of his career helping corporations and government agencies create value while mitigating cyber risk. This gives him a pragmatic understanding of the delicate balance between Business realities, Cybersecurity, and Operational Effectiveness. He began his career at NSA, m...
Holiday News Edition Featuring Special Guests - PSW #809
December 09, 2023 02:00 - 1 hour - 309 MB VideoIn the Security News: If we still can’t change default passwords, we all lose, The Flipper Zero, NO CVE FOR YOU, New tools that are not new at all, The BIOS logo attack vector, a $15 router that has secrets, turns out AI is stupid, and SLAM, dun dun ot, Spectre based on linear address masking, Show Notes: https://securityweekly.com/psw-809
Vulnerability Management and Disclosure - PSW #809
December 09, 2023 01:00 - 56 minutes - 254 MB VideoI like how ChatGPT describes this segment: "Picture a dimly lit room filled with the nostalgic hum of old computers and the subtle clinking of ice in glasses as our hosts delve into the intricacies of vulnerability management. These battle-hardened experts peel back the layers of digital defense, recounting their experiences from the front lines of cyber warfare. From epic zero-day exploits to heart-pounding close calls, these hackers have seen it all, and now they're ready to spill the bean...
Hardware Hacking - PSW #809
December 09, 2023 00:00 - 1 hour - 291 MB VideoThe Security Weekly crew dives into a discussion on the latest hardware hacking techniques, including the hardware/software/firmware used to conduct various tests and create neat projects. You may be trying to hack a specific device. You may be creating a device to accomplish a specific goal. We will discuss various aspects of hardware hacking and fill you in on the some of the latest devices and tools. Like the Flipper Zero, and why the alternatives are better in some cases, but also why th...
Vulnerability Reporting, Zyxel, GPS Spoofing - PSW #808
November 30, 2023 22:00 - 1 hour - 279 MB VideoWe navigate through dangerous cyber terrain, examining real-world examples like the WebP library and the Curl vulnerability. Critical issues in Zyxel firewalls will also be unmasked as we shed light on the urgency of improving vulnerability reporting and cataloging and addressing the often-overlooked problem of overclassifying harmless software bugs. We then shifted gears to tackle the tricky subject of software vulnerability identification, focusing on a specific CVE that sparked intrigui...
AI, LLMs and Some Hardware Hacking - Matthew Carpenter - PSW #808
November 30, 2023 10:00 - 57 minutes - 265 MB VideoOur good friend Matt Carpenter joins us to share his thoughts on what's going on in the world of AI and LLMs. Matt is also a hacker specializing in hardware and the crew has some amazing hardware hacking topics to discuss (as usual). Segment Resources: https://garymarcus.substack.com/p/has-sam-altman-gone-full-gary-marcus Show Notes: https://securityweekly.com/psw-808
AI and LLMs - Think of the Children - Josh More - PSW #808
November 30, 2023 02:06 - 1 hour - 280 MB VideoWhat will the future bring with respect to AI and LLMs? Josh has spent some time thinking about this and brings us some great resources. We'll discuss how to get students involved with AI in a safe and ethical manner. How can we use AI to teach people about cybersecurity? What tools are available and where do they fit into our educational systems that must change and adapt to the times? Join us for a fun discussion on what the future looks like with AI and the youth of today. Segment Resou...
Interview with Brian Snow - PSW Vault
November 22, 2023 21:00 - 1 hour - 280 MB VideoBrian Snow spent his first 20 years at NSA doing and directing research that developed cryptographic components and secure systems. Many cryptographic systems serving the U.S. government and military use his algorithms; they provide capabilities not previously available and span a range from nuclear command and control to tactical radios for the battlefield. He created and managed NSA's Secure Systems Design division in the 1980s. He has many patents, awards, and honors attesting to his crea...
SSH Under Attack, IoT Routers, BLE Spam, & Patching a House of Cards - PSW #807
November 16, 2023 10:00 - 1 hour - 501 MB VideoIn the Security News: SSH under attack, IoT routers have vulnerabilities, the BLE Spam attacks still work against iPhones, there is a longer story behind BLE spam, and Larry is one of the stars, denial of pleasure via BLE, vulnerability disclosure and your blob is showing, the half-day watcher, tapping into cameras, 50 shades of vulnerabilities, Nuclear decay as a random number generator, cachewarp, reptar, attacking Danish critical infrastructure, you can’t patch a house of cards (and your ...
3 Layers of App Security to Keep Hackers Out, Let Customers In - Aviad Mizrachi - PSW #807
November 16, 2023 03:39 - 1 hour - 286 MB VideoAttackers pursue the shortest path to achieve their goals in your app. With a tri-layered security architecture, you can force hackers to crawl through a triathlon in your app. What’s in the three layers, to detect attacks sooner, slow attackers down, and stop them fast? Let’s take a journey across the three layers and discuss how to gain control of user permissions, secure your cloud computing, and keep your customers and their users safe. Show Notes: https://securityweekly.com/psw-807
Firmware, Mainframes, Security and Risk - PSW #806
November 09, 2023 10:00 - 1 hour - 533 MB VideoDo people still use mainframes? IoT and firmware security, Apple Find my, Bluetooth is the gift that keeps on giving, to hackers that is, and more! Show Notes: https://securityweekly.com/psw-806
Testing AI Before It Comes To Get You - Austin Carson - PSW #806
November 09, 2023 01:45 - 1 hour - 281 MB VideoAustin spends the majority of his time thinking about ways to abuse LLMs, the impact of the attacks, and the effects on society. He brings a truly unique perspective to the way to use, attack, and verify output from AI LLM models. Whether you are just learning the ins and outs of LLMs or you were an early adopter, this segment is for you! Show Notes: https://securityweekly.com/psw-806
Source Code Revealed, Resume Prompt Injection, iPhones Be Updating, & Florida Man - PSW #805
November 02, 2023 13:30 - 2 hours - 551 MB VideoIn the Security News: If an exploit falls in the forest do I still need to patch?, Reflections on trusting trust: the source code revealed, prompt injection in your resume, iPhones be updating, a deep dive into vulnerable kernel drivers and wiping SPI flash, cheap to exploit software, to ransom or steal?, oh OAuth, Florida man, door bell shenanigans, don’t pay the ransom, the White House and AI, and quantum teleportation via measurement-induced entanglement. All that and more on this episode...
Trustworthy AI for National Security - Kathleen Fisher - PSW #805
November 01, 2023 23:56 - 1 hour - 303 MB VideoAI/ML is providing significant benefits in a wide range of application domains but also provides adversaries with a new attack surface. Learn about DARPA's efforts to help evaluate AI/ML and work towards a trust model that will allow us to use these valuable tools safely. Segment Resources: Identifying and Mitigating the Security Risks of Generative AI paper (co-authored by Kathleen): https://arxiv.org/abs/2308.14840 DARPA’s AI Forward, which will include AI Exploration opportunities an...
VSCode Vulnerabilities - Thomas Chauchefoin, Paul Gerste - PSW #804
October 26, 2023 09:00 - 51 minutes - 235 MB VideoSonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste conducted research on the security of Visual Studio Code — the most popular code editor out there — which was presented at DEF CON 31 in August. The pair uncovered a few ways for attackers to gain code execution on a victim's computer if they clicked on a specially crafted link or opened a malicious folder in Visual Studio Code, bypassing existing mitigations like Workspace Trust. Developers tend to trust their IDEs and do no...
Shenanigans and more - PSW #804
October 26, 2023 01:52 - 2 hours - 583 MB VideoWe officially welcome Bill Swearingen to our expert panel of PSW hosts, and discuss the news including hacking shenanigans, QNAP, recovering crypto currency, Android malware, and more! Show Notes: https://securityweekly.com/psw-804
Fried Squid, Flipper Zero BLM Spam, Apple Devices, Signal Vulns? & Android TV Devices - PSW #803
October 19, 2023 12:53 - 1 hour - 476 MB VideoIn the Security News: Fried squid is tasty, but the squid proxy is vulnerable, Flipper zero and other tools can now BLE Spam more than just Apple devices, Cisco IOS vulnerability in the web interface, again, is Signal vulnerable?, WinRAR being exploit, still, Math.Random is not really all that random, get your malware samples, and my inside look into Android TV devices, malware, and the horrors of the supply chain! All that and more on this episode of Paul’s Security Weekly! Show Notes: ht...
Meet the Cyber Mercenary who can Overthrow a Government - Chris Rock - PSW #803
October 19, 2023 01:06 - 1 hour - 297 MB VideoChris Rock is a Cyber Mercenary who has worked in the Middle East, US and Asia for the last 30 years working for both government and private organizations. ˇHe is the Chief Information Security Officer and co-founder of SIEMonster. Chris has presented three times at the largest hacking conference in the world, DEFCON in Las Vegas on controversial vulnerabilities. Chris is also the author of the Baby Harvest, a book based on criminals and terrorists using virtual babies and fake deaths for fi...