Paul's Security Weekly (Video)

Lora Projects, WinRAR, Kali Mobile, Benchmarks Vs. IRL, & VPN HYPE! - PSW #796

24 Aug 2023

Contributed by Lukas

In the Security News: Lora projects are popular, simple checksums are not enough, WinRAR: shareware or native OS?, ATM software is vulnerable, attacke...

Managing Bug Bounty Programs At Scale - Dr. Jared DeMott - PSW #796

24 Aug 2023

Contributed by Lukas

Jared has a long, and outstanding, history in cybersecurity. Today, he works for Microsoft helping them run and respond to bug bounty reports. The sca...

NIST CSF, JTAG vs (OG) Xbox, Tricked Ya, Intel's Security, & Josh Debates Jeff - PSW #795

17 Aug 2023

Contributed by Lukas

In the Security News: You should read the NIST CSF, JTAG hacking the original Xbox, tricked into sharing your password, attacking power management sof...

Defending Public Infrastructure While At War - Antranig Vartanian - PSW #795

17 Aug 2023

Contributed by Lukas

The 2020 Armenian war with Azerbaijan called into action over 100 volunteer incident responders from across the country (and the globe) into action. O...

Evil Flippers, The Human-Brain-Machine, AMD CPUs, Hacking Teslas & Rubber Duckies - PSW #794

10 Aug 2023

Contributed by Lukas

In the Security News: Hacking your Tesla to enable heated seats (and so much more), The Downfall of Intel CPUs, The Inception of AMD CPUs, that's righ...

Incident Response Readiness - Gerard Johansen - PSW #794

10 Aug 2023

Contributed by Lukas

Just how prepared are you for the next cybersecurity incident? Depending on the definition, security incidents likely happen daily at most enterprises...

Super Admins, Ancient Language Codes, Great Leakage, & Mirai Vs. Tomcat - PSW #793

03 Aug 2023

Contributed by Lukas

In the Security News: Canon shoots out your Wifi password, I want to be Super Admin, you don't need fancy hacks to bypass air gaps, U.S. Senator attac...

Incident Response Stories - Bill Swearingen - PSW #793

03 Aug 2023

Contributed by Lukas

Our good friend Bill Swearingen joins us to talk about some of the incident response work he's been doing lately. Many people have it wrong, you don't...

Flipper Zeroes, The "Kia Boys", RFID Tags for Amazon, & PCI Wizardry - PSW #792

27 Jul 2023

Contributed by Lukas

In the Security News: Cisco hates patching stuff, they hacked a Peleton, so what?, Zenbleeding, stopping Kia Boys, Your BMC is showing, Hacking your t...

Post-Breach: The Hardening Continues - Sean Metcalf - PSW #792

26 Jul 2023

Contributed by Lukas

Once an incident has occurred and you've responded, then what? Join us for a chat with Sean Metcalf on what we can do to ensure our infrastructure rem...

Security Certification - Rohit Misuriya, Sumit Siddharth - PSW #791

20 Jul 2023

Contributed by Lukas

Sumit comes on the show to teach us a little about PHP type-juggling, introduce a free online security lab, and discuss the new certifications being o...

Lost Keys, LOL Drivers, Nintendo Helps FBI, Mali Mail, & Our Rap Names - PSW #791

20 Jul 2023

Contributed by Lukas

This week, up first is the Security News: Microsoft lost its keys, LOL drivers, If you were the CSO, try to keep employees happy but remove their acco...

It's Alive!, Slow Migrations, Hiding on the Net, BlackLotus Source, & Gaslighting - PSW #790

13 Jul 2023

Contributed by Lukas

In the security news: Someone is going to get hurt, slow migrations, hiding on the Internet is hard, more Fortinet vulnerabilities, BLackLotus source ...

Getting Control Of Your Security Data Pipeline - JP Bourget - PSW #790

13 Jul 2023

Contributed by Lukas

Getting the correct data in the right place for incident response is challenging. JP comes on the show to talk about how he is helping companies with ...

Thoughts From A Security Legend - Dan Geer - PSW Vault

05 Jul 2023

Contributed by Lukas

Welcome to another edition of a Paul's Security Weekly Vault episode! This episode was previously recorded on April 5, 2012 and features an interview ...

Melting Neighbors, SBOMs, DIY 2FA - PSW #789

29 Jun 2023

Contributed by Lukas

In the security news: You got so many CVEs you need your own, dedicated, vulnerability scanner, melting your neighbors with hacking, The FDA's SBOM an...

Pen Testing & Adversary Emulation - Carlos Perez - PSW #789

29 Jun 2023

Contributed by Lukas

In this segment we welcome Carlos Perez back to the show! Carlos will discuss methods we can use to hide one systems and cover our tracks. We'll cover...

Cyber Directors (& Tsars!), Replace Your Hardware, Drink For PCI, & Handheld Gaming - PSW #788

22 Jun 2023

Contributed by Lukas

In the Security News: There is no national cyber director, time to move away from MoveIT, update Microsoft IIS at least every 6 years, your security s...

Penetration Testing - Emilie St-Pierre - PSW #788

22 Jun 2023

Contributed by Lukas

Emilie comes on the show to talk about penetration testing and share her knowledge and stories!   Visit https://www.securityweekly.com/psw for all t...

Interview with Bill Cheswick - PSW VAULT

14 Jun 2023

Contributed by Lukas

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on April 9, 2013.   Bill...

L0pht Heavy Industries Panel - PSW Vault

07 Jun 2023

Contributed by Lukas

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on October 18, 2015. L0ph...

Plain Text Keystrokes, WPBT, One Packet Exploits, & Sock Puppets! - PSW #787

01 Jun 2023

Contributed by Lukas

In the security news: keystroke logs are stored in plain-text (and other atrocities in software used in schools), WPBT is the gift that keeps on givin...

Spotlight on Penetration Testers - Vlad Gostomelsky - PSW #787

01 Jun 2023

Contributed by Lukas

Penetration Tester stories, dumb and funny stuff that's crazier than movies. Segment Resources: https://www.cyberpointllc.com/index.php  https://www....

Post-Exploit, Vocal Passports, Will it Run DOOM!?!, & Coldplay Lyrics in Firmware - PSW #786

25 May 2023

Contributed by Lukas

In the Security News: a cross-platform, post-exploit, red teaming framework, cover your backups, your voice should never be your passport, time to cha...

Generative AI Security Implications, Protecting Web Applications - Liam Mayron - PSW #786

25 May 2023

Contributed by Lukas

Liam Mayron from Fastly comes on the show to talk about his unique path into information security, the security implications of generative AI, advance...

Texas A&M Prof Fails, Windows Vs. iPhones, Cobalt Strike on Mac, & SHA-1 in Shambles - PSW #785

18 May 2023

Contributed by Lukas

In the security news: How AI Knows Things No One Told It, Dragos Employee Gets Hacked, VMProtect Source Code Leaks, CISA Vulnerabilities, SHA-1 is a S...

Artificial Ignorance & Pen Testing - Kevin Johnson - PSW #785

18 May 2023

Contributed by Lukas

Kevin Johnson joins us to discuss pen testing, automated testing, why AI testing is not pen testing!   Visit https://www.securityweekly.com/psw for ...

SBOMbshells, Honeytokens, Fixin It in the Future, & Immortal Modems - PSW #784

11 May 2023

Contributed by Lukas

In the security news: feel free to cry a bit, honeytokens are the shiny new hotness, it's fixed in the future, backdooring electron, should we move to...

Mastering Penetration Testing: Critical Tasks & Essential Tools for Success - Paula Januszkiewicz - PSW #784

11 May 2023

Contributed by Lukas

In this talk, Paula Januszkiewicz, renowned cybersecurity expert with years of experience in the field, shares her insights on critical tasks that mus...

No Pr0nHub 4 U, HTTP Lock Status, Selling Hacking Tools, & Chrome Drops HTTP Lock - PSW #783

04 May 2023

Contributed by Lukas

This week in the Security News: 5-year old vulnerabilities, hijacking packages, EV charging apps that could steal stuff, do we even need software pack...

Pen Testing Techniques and Jurassic Malware - Rob Fuller - PSW #783

04 May 2023

Contributed by Lukas

Rob "Mubix" Fuller comes on the show to talk about penetration testing, what's changed over the years? He'll also discuss "Jurassic Malware" and creat...

Hack All The Things With Flipper Zero - Kaitlyn Handelman - PSW #782

27 Apr 2023

Contributed by Lukas

STM32 boards, soldering, decapping chips, RTOS development, lasers, multiple flippers and for what you ask? So I can be alerted about a device I alrea...

SSD AI/ML, Salsa for your Software, Hacking Smart TVs with IR, & Getting Papercuts - PSW #782

27 Apr 2023

Contributed by Lukas

In the Security News: SSDs use AI/ML to prevent ransomware (And more buzzword bingo), zombie servers that just won't die, spectral chickens, side-chan...

Under the Weather (Taxonomy?), Beating Roulette, Monitoring Macs, & XBMC Glory Days - PSW #781

20 Apr 2023

Contributed by Lukas

In the security news: Blizzards, Sleet, Typhoons, Sandstorms and Tsunamis, masking your car stealing tech in a Nokia phone, kill -64, Google doesn't w...

Supply Chain Security - Ivan Arce - PSW #781

20 Apr 2023

Contributed by Lukas

We will talk about Supply chain security, the TPM 2.0 vulnerabilities recently discovered by a Quarkslab researcher, bugs in reference implementations...

Stolen Cred Bizarre, US CyberSec, Stealing Cars With Headlights, & AI Censorship - PSW #780

13 Apr 2023

Contributed by Lukas

In the security news, FBI seizes one of the biggest stolen credential markets, Is catching ransomware the baseline for detection and response? Potenti...

Social Engineering & Conquering Impostor Syndrome - Billy Boatright - PSW #780

13 Apr 2023

Contributed by Lukas

Imagine an illness that requires surgery a few times a month and restricts your mobility. What would that do to your career? In our chat with Billy Bo...

Rorschach, QNAP, We Got Hacked, SystemD, UTF-8, & Grub2 Music - PSW #779

06 Apr 2023

Contributed by Lukas

In the Security News: Rorschach, QNAP and sudo, why bother signing things, why bother having a password, why bother updating firmware, smart screensho...

Cybersecurity Workforce Development - Sin Ming Loo - PSW #779

06 Apr 2023

Contributed by Lukas

The approach of cybersecurity workforce development and how someone with such technical background come to designing a degree program with non-traditi...

The RESTRICT Act, Intel's Attack Surface, & Stop Developing AI (For 6 Months) - PSW #778

30 Mar 2023

Contributed by Lukas

In the Security News: Turning traffic lights green with the flipperzero (and a bunch of other hardware), suspending AV and EDR, Test signing mode, Lin...

Firmware Hacking! Reversing and Exploitation - Philippe Laulheret - PSW #778

30 Mar 2023

Contributed by Lukas

How to get into reversing embedded firmware? Can the planet really be hacked? We'll go over a couple of fun exploitation examples, see what mistakes w...

7" Laptop, Trojans in Chips, Samsung's Faux Moon, & The 4 C's - PSW #777

23 Mar 2023

Contributed by Lukas

In the Security News: Windows MSI tomfoolery, curl turns 8...point owe, who doesn't need a 7" laptop, glitching the ESP, your image really isn't redac...

Vulnerability Research (& Other "Things") - Nico Waisman - PSW #777

23 Mar 2023

Contributed by Lukas

We sit down with Nico Waisman to discuss vulnerability research and other security-related topics!   Visit https://www.securityweekly.com/psw for al...

How to Steal a Tesla, AI On Your Pi, Linux Desktop: Future, & SOCKS5 Your Burp - PSW #776

16 Mar 2023

Contributed by Lukas

In the security news: AI on your PI, no flipper for you, stealing Tesla's by accident, firmware at scale, the future of the Linux desktop, protect you...

Everything's Valid in Code & War: Attacks on the Software Supply Chain - Santiago Torres Arias - PSW #776

16 Mar 2023

Contributed by Lukas

Software supply chain attacks, those in which hackers target the "water supply" of software are on the rise. This makes software developers everywhere...

Hidden Buttons, Dumb Password Rules, BLE Relay Attack, & Stealthy UEFI - PSW #775

09 Mar 2023

Contributed by Lukas

In the Security News: Using HDMI radio interference for high-speed data transfer, Top 10 open source software risks, Dumb password rules, Grand Theft ...

Ask Our PSW Hosts Anything! - PSW #775

09 Mar 2023

Contributed by Lukas

Tune in to ask our PSW hosts anything you want to know! Join the live discussion in our Discord server to ask a question. Visit securityweekly.com/dis...

ChatGPT Articles, What the Zimbra, Burp Plugins, & Vocal Passports - PSW #774

02 Mar 2023

Contributed by Lukas

In the Security News for this week: indistinguishable classifiers, screenshot the /etc/passwd file, what the Zimbra, couple of cool Burp plugins, my v...

Phishing Attack & Defense - Asaf Cidon - PSW #774

02 Mar 2023

Contributed by Lukas

Barracuda published its 2023 Email Security Trends report that shows how email-based security attacks affect organizations around the world. 75% of th...

TikTok Thefts, Typo Squatting is Lame, Stealing from the TPM, & Codebreaking Letters - PSW #773

16 Feb 2023

Contributed by Lukas

In the Security News: If it can run Linux, it should, TikTok thefts, significant vulnerability findings, and I'm not even joking, typo squatting is la...

Zero Trust ≠ Zero Risk: Leveraging Risk Techniques for Zero Trust Acceleration - Ron Woerner - PSW #773

16 Feb 2023

Contributed by Lukas

Zero Trust is the buzzword of the 2020's. Vendors are selling it, the US Federal Government is requiring it, and organizations are implementing it, bu...

The RIGHT Software, Docker vs. Root, CORS, Vuln Risk Scoring, & Cisco Attacks - PSW #772

09 Feb 2023

Contributed by Lukas

In the Security News: VMware and Ransomware makes you want to run some where, double-free your OpenSSH, download the RIGHT software, you have Docker, ...

Linux and FOSS Supply Chain Issues - Hal Pomeranz - PSW #772

09 Feb 2023

Contributed by Lukas

Linux systems are a collection of free and Open Source software-- some packaged by your distro, some built from source. How do you verify that your up...

Super(conductive) Graphene, Yandex Leak, No Fly Lists, & Thinkpad Servers - PSW #771

02 Feb 2023

Contributed by Lukas

In the Security News for this week: defending against cleaning services, catastrophic mutating events and the future, myths and misconceptions, findin...

The Power of Purple Teaming: Using Runbooks to Standardize and Collaborate - Dan DeCloss - PSW #771

02 Feb 2023

Contributed by Lukas

In a recent survey on purple teaming, 89 percent of respondents who had used the method deemed purple teaming activities "very important" to their sec...

GetVariable Strikes Again, Linux Santa, AMD Vulns, & Remote Computer Detonation - PSW #770

26 Jan 2023

Contributed by Lukas

This week in the Security News: GetVariable strikes again, attackers could blow up your computer remotely, escaping containers, null-dereferences and ...

How Do We Raise the Floor for Software Quality? - Brian Behlendorf - PSW #770

26 Jan 2023

Contributed by Lukas

Open source is the bedrock of most of the world's software today, so how to raise the floor on software quality across the industry? First, we need be...

Real Time Linux, RSA Encryption, Sec vs. Compliance, Cold River, & ChatGPT - PSW #769

12 Jan 2023

Contributed by Lukas

Then, in the Security News: In the security news: Do not panic about RSA encyption, the age old debate: Security vs. Compliance, Cold River, and no no...

Other Considerations for Applying Security into Critical Infrastructure Systems - Kate Stewart - PSW #769

12 Jan 2023

Contributed by Lukas

Over the last few years, the trend to use Open Source has been migrating into safety-critical applications, such as automotive and medical, which intr...

Roblox Prison, 3DS RCE, Puckungfu, Google Home Wiretaps, & Lastpass Hack - PSW #768

05 Jan 2023

Contributed by Lukas

In the Security News: The Roblox prison yard, password manager problems, PyTorch gets torched with a supply chain attack, Oppenheimer cleared, Puckung...

Software Supply Chain Security & MITRE's System of Trust - Robert Martin - PSW #768

05 Jan 2023

Contributed by Lukas

This session explores software supply chain security and the details of System of Trust, a community effort to develop and validate a process for inte...

Holiday Security News & The Holiday Hack Challenge 2022! - PSW #767

15 Dec 2022

Contributed by Lukas

This week, we round out the Holiday Special 2022 with a special guest appearance by Ed Skoudis, where he joins to fill us in on the Holiday Hack Chall...

Hacker Trivia - PSW #767

15 Dec 2022

Contributed by Lukas

How well do you know your hacker history and trivia? See how you compare to our hosts as we tackle hacker trivia live on the air! Categories will incl...

How To Get Started in Information Security - PSW #767

15 Dec 2022

Contributed by Lukas

Without question, we need more people working in cybersecurity today. Our culture has come a long way to be more open and inviting to new folks, but w...

Is Penetration Testing Dead? - PSW #767

14 Dec 2022

Contributed by Lukas

While we most likely do not believe that penetration testing is dead it continues to evolve over time. What do penetration tests look like today? Have...

Ping of Death, 500 Year Old Ciphers, Pwn The Dev, & Chatbot's Order 66 - PSW #766

08 Dec 2022

Contributed by Lukas

In the Security News: ping of death returns, remembering when the Internet disconnected if your Mom picked up the phone, a 500-year-old cipher is crac...

Severe BMC Vulnerabilities - Nate Warfield - PSW #766

08 Dec 2022

Contributed by Lukas

Eclypsium's research team has discovered 3 vulnerabilities in BMCs. Nate Warfield comes on the show to tell the full story! This has garnered much att...

To The Cloud! (Or Not Yet?) - Sinan Eren - PSW #766

08 Dec 2022

Contributed by Lukas

Is there still a network or has it slipped away from us entirely? What about efforts for localization because people do not trust the cloud, its provi...

Open Source Security - Josh Bressers, Kurt Seifried - PSW #765

01 Dec 2022

Contributed by Lukas

We are joined by Josh and Kurt from the amazing Open Source Security Podcast! We're talking about supply chain risks, threats and vulnerabilities in t...

RCE in Muddy Waters, Hacking Smart Watches, FCC Bans Stuff, & When BMC's Attack - PSW #765

01 Dec 2022

Contributed by Lukas

This week in the Security News: When you just wanna hurl, malicious containers, FCC bans stuff, these are not the CVE's you're looking for, Linux pass...

Stealing Mastodon Passwords, Update Your Firmware on Linux, & Oops I Leaked Again - PSW #764

17 Nov 2022

Contributed by Lukas

In the Security News: Stealing Mastodon passwords, reporting vulnerabilities in open-source privately, labeling does not solve problems, or does it? w...

UEFI & SMM Vulnerabilities - Jesse Michael - PSW #764

17 Nov 2022

Contributed by Lukas

Navigating the UEFI waters is treacherous. While UEFI has become the standard on most PCs, servers, and laptops, replacing legacy BIOS, it is a comple...

Urlscan, BYODC, Indirect Branch Tracking, Don't Hack Me Bro, & Fizzling Out Security - PSW #763

10 Nov 2022

Contributed by Lukas

In the Security News: submerged under blankets in a popcorn tin is where they found it, Indirect Branch Tracking, don't hack me bro, we're here from t...

A Case for Threat Informed Penetration Testing - Dan DeCloss - PSW #763

10 Nov 2022

Contributed by Lukas

Every penetration test should have specific goals. Coverage of the MITRE ATT&CK framework or the OWASP Top Ten is great, but what other value can a pe...

OpenSSL Vulns, RepoJacking, Authentication Bypass, & Supercharging Your Hacking - PSW #762

03 Nov 2022

Contributed by Lukas

In the Security News: last year's open source is tomorrow's vulnerabilities, RepoJacking, I feel like there will always be authenitcation bypass, supe...

Blenster - Hacking Hardware - Ben Hibben - PSW #762

03 Nov 2022

Contributed by Lukas

Blenster comes on to talk about the Maker Movement, Hackerspaces, community and inclusive cultures, intentionality and kindness as a social cheat code...

Exploiting Hacker Tools, Microsoft "Fixes" Driver Problem, Moles, & Deconflictions - PSW #761

27 Oct 2022

Contributed by Lukas

This week in the Security News: rethinking vulnerability severity, exploiting the hacker tools, Microsoft "fixes" the vulnerable driver problem, its w...

Linux Rust & Retro - Charles Shirer - PSW #761

27 Oct 2022

Contributed by Lukas

In this segment, we are going to discuss linux security and using the Rust programming language with an Offensive MindSet, and our guest Charles Shire...

EDR, Driver Signing, SBOMS - Do They Work? - PSW #760

20 Oct 2022

Contributed by Lukas

This week in the Security News: A Security Maturity Model for Hardware Development, Palo Alto Networks fixed a high-severity auth bypass flaw in PAN-O...

SANS Annual SOC Survey Insights - Christopher Crowley - PSW #760

20 Oct 2022

Contributed by Lukas

Chris Crowley, SOC-Class Course Author, SANS Senior Instructor, and Consultant at Montance® LLC, joins PSW to discuss SOC training and development be...

Shifting to a Victory Mindset - Michael Meis - PSW #760

20 Oct 2022

Contributed by Lukas

Michael Meis, associate CISO at the University of Kansas Health System, joins PSW to discuss how the history of warfare has influenced modern-day cybe...

Detecting Deepfake Audio, Supply PHP Attack, UMAS Secrets, & Pixel 6 Bootloader - PSW #759

13 Oct 2022

Contributed by Lukas

This week in the Security News: The secrets of Schneider Electric's UMAS protocol, Pixel 6 bootloader: Emulation, Securing Developer Tools: A New Supp...

A Day in the Life of a Threat Researcher - Ismael Valenzuela - PSW #759

13 Oct 2022

Contributed by Lukas

As Vice President of Threat Research & Intelligence at BlackBerry, Ismael Valenzuela leads threat research, intelligence, and defensive innovation. Is...

Pig Butchering, Dell Driver FTW, Deep Access, & PHP Supply Chain Attacks - PSW #758

06 Oct 2022

Contributed by Lukas

In the Security News: deep access, dell drivers for the win, detecting deep fakes with acoustic tracking, exchanging 0days, I got 99 embedded firmware...

Device Paradox: Why Security & Criticality Don't Overlap in Embedded Systems - Ang Cui - PSW #758

06 Oct 2022

Contributed by Lukas

Red Balloon Security CEO Ang Cui has spent over a decade looking into the most critical devices supporting our infrastructure. He explains why the ins...

Voltron, Karakurt Extortion, 1 Click Workaround, Snowden Citizenship, & Casey Ellis - PSW #757

29 Sep 2022

Contributed by Lukas

This week, we're joined by Casey Ellis to discuss a Telco breach from a land down under, UK government sits out bug bounty boom but welcomes vulnerabi...

The Role of Human Behavior in Security & the Future - Ev Kontsevoy - PSW #757

29 Sep 2022

Contributed by Lukas

Hackers rarely break through crypto or exploit fancy zero days. Most of the time they simply login using stolen credentials. Managing passwords, keys ...

Firmware VS. Hardware, Tamper Protection, Hacking Gamers, & Unfortunate Spillage - PSW #756

23 Sep 2022

Contributed by Lukas

In the Security News: Bloodhound's blind spots, Interactable Giraffe, don't use open-source, it has too many vulnerabilities, MFA fatigue, tamper prot...

MFA Fatigue & Authentication - Sinan Eren - PSW #756

22 Sep 2022

Contributed by Lukas

Sinan Eren, the VP of Zero Trust at Barracuda joins to discuss various aspects of MFA Fatigue & Authentication with the PSW crew! Segment Resources: ...

Browser In Your Browser, Sock Puppets, Performance Killing Patches, & GIFShell - PSW #755

15 Sep 2022

Contributed by Lukas

In the Security News: you liked the browser so much we put a browser in your browser, hackers are using sock puppets, the patch that kills performance...

Using No-Code Automation to Tackle Analyst Burnout - Thomas Kinsella - PSW #755

15 Sep 2022

Contributed by Lukas

Analyst burnout and the talent shortage are creating environments where teams are stressed out, overwhelmed, and frustrated. Security Operations manag...

Crappy Exploits, $8 Mil 0-Day, Mac Updates, & Anti-Cheat Is NOT Anti-Hack - PSW #754

01 Sep 2022

Contributed by Lukas

In the Security News: Lastpas breach, long live John McAfee, Macs getting fewer updates, CPE correlating to CVE, clicky clicky hacks, anti-cheat is no...

Turning Cybersecurity Education Into Industry Impact - John Hammond - PSW #754

01 Sep 2022

Contributed by Lukas

Training and education is a constant conversation within the cybersecurity community, but it doesn't have to be a hard problem to solve. We will discu...

Mudge, Tox P2P Messenger, 8 Year Old Linux Flaws, Dirty Pipe, & Unix Legends - PSW #753

26 Aug 2022

Contributed by Lukas

This week in the Security News: Crypto Miners Using Tox P2P Messenger as Command and Control Server, 8-year-old Linux Kernel flaw DirtyCred is nasty a...

Data Integrity Lights the Way: Security With the Decentralized Web - Davi Ottenheimer - PSW #753

25 Aug 2022

Contributed by Lukas

There's a lot of worry about "fakes" especially in a world rapidly adopting AI/ML, so it's time for solutions. "Solid" is the W3C open standard, exten...

StarLink Hacks, Ramsomware Extortion, Signal/Twilio Compromise, Hacking Cars and Tractors - PSW #752

19 Aug 2022

Contributed by Lukas

Larry, Doug, Lee, Josh, and Chris Blask cover the security news! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: htt...

InfoSec Lessons from Military Strategy, Tactics, and Operational Art - Greg Conti - PSW #752

18 Aug 2022

Contributed by Lukas

We don't like it, but the hopeful internet we envisioned doesn't look much like the internet as it exists today. Online conflict is widespread and at ...

Not-So-Secure Boot - Jesse Michael, Mickey Shkatov - PSW #751

11 Aug 2022

Contributed by Lukas

We welcome the infamous Eclypsium security researchers Mickey and Jesse to talk about Secure Boot vulnerabilities. They walk us through the history of...

Unearthed Easter Eggs, Black Hat/DEF CON Talks, Decrypting Oz, & 27 Factor Auth - PSW #751

11 Aug 2022

Contributed by Lukas

In the Security News, key fob hacks and stealing cars, the best Black hat and defcon talks of all-time, open redirects are still open, the keys to dec...

Re-Routing Traffic, Pseudo Keyloggers, TLS Inside, LockBit, Cobalt Strike & Defender - PSW #750

04 Aug 2022

Contributed by Lukas

In the Security News: when hackers are not behind and outage, when hackers are behind re-routing traffic, neat pseudo-keystroke loggers, when XSS lead...