Episodes
This week on the podcast, we cover a research white paper that details how attackers could use AI to complete an entire money-theft or credential theft-scam from start to finish. Before that, we discus Sophos' 5 year battle with Chinese hackers targeting network devices followed by Microsoft's current battle with password spray attacks through compromised network devices.
Published 11/05/24
Published 11/05/24
This week on the podcast, we review Fortinet's recently-disclosed remote code execution vulnerability in the FortiManager system that has been under active exploit since at least June. After that, we discuss the SEC's recent action against 4 companies found at fault for misleading security incident disclosure statements.
Published 10/29/24
This week on the podcast, we cover security incident that brought the Internet Archive and all of its services down, including the Way Back Machine. Before that, we discuss a Chinese nation-state backed threat actor that compromised three major American telecommunications providers and may have gained access to the US wiretapping system.
Published 10/15/24
This week we cover a research write up on a new technique to monetize stolen AWS credentials. Before that, we discuss a Linux malware variant that went unexposed until just recently and a story about a serial hacker that was caught because of opsec failures.
Published 10/08/24
This week on the podcast, we cover the "9.9/10 severity vulnerability affecting most Linux systems" that a researcher disclosed last week and what it means for Linux systems administrators. We then discuss a research post into Kia's remote control systems that allowed one researcher to compromise any Kia in the last decade by just knowing their license plate number. We end with a new act that was just introduced into the US Senate with a goal to secure the healthcare industry.
Published 09/27/24
This week on the podcast, we discuss how German law enforcement managed to deanonymize and arrest users on the TOR network. After that, we discuss why the US government is trying to ban Chinese-manufactured car hardware. We then end with a cool research article on chaining open redirect and iframe issues into a 1-click vulnerability that grants attackers access to arbitrary Google Docs files.
Published 09/24/24
This week on the podcast, we discuss Microsoft's recent Windows Endpoint Security Ecosystem Summit and what it means for the future of endpoint security on the Windows platform. After that, we cover a research post on a malware campaign using Google Sheets as a command and control channel before ending with a chat about the US federal government's push to classify cybersecurity as a national service role.
Published 09/16/24
This week on the podcast, we discuss guidance published by the US White House Office of the National Cyber Director that lays out a roadmap for addressing key security concerns in the BGP routing protocol. Before that, we cover a security research post from Jfrog detailing a new python package hijacking method under active exploitation as well as an analysis of the Microsoft Windows Wi-Fi driver remote code execution vulnerability patched last June.
Published 09/09/24
https://youtu.be/rqJGPKJmbkc This week on the podcast, we discuss guidance published by the US White House Office of the National Cyber Director that lays out a roadmap for addressing key security concerns in the BGP routing protocol. Before that, we cover a security research post from Jfrog detailing a new python package hijacking method under active exploitation as well as an analysis of the Microsoft Windows Wi-Fi driver remote code execution vulnerability patched last June.  
Published 09/09/24
This week on the podcast, we discuss the US government's push to investigate the risks that TP-Link network devices introduce to national security. Before that, we give an update on the NPD data breach from last week as well as the threat actor behind it. We also discuss an ongoing cyber incident at the Port of Seattle.
Published 08/26/24
https://youtu.be/jVSMBcT3GnI This week on the podcast, we cover the National Public Data breach that may have leaked every American's social security number. After that, we discuss research from TALOS on how attackers can abuse Microsoft applications on macOS to gain access to your camera and microphone. We end the episode by discussing recent research on how attackers are attempting to evade Endpoint Detection and Response (EDR) tools.
Published 08/26/24
https://youtu.be/wft_hpC-_Wo This week on the podcast, we cover the National Public Data breach that may have leaked every American's social security number. After that, we discuss research from TALOS on how attackers can abuse Microsoft applications on macOS to gain access to your camera and microphone. We end the episode by discussing recent research on how attackers are attempting to evade Endpoint Detection and Response (EDR) tools.
Published 08/19/24
This week on the podcast, we cover the National Public Data breach that may have leaked every American's social security number. After that, we discuss research from TALOS on how attackers can abuse Microsoft applications on macOS to gain access to your camera and microphone. We end the episode by discussing recent research on how attackers are attempting to evade Endpoint Detection and Response (EDR) tools.
Published 08/19/24
This week on the podcast, we round out our takeaways from the Black Hat and Def Con security conferences in Las Vegas. We go through 4 talks across both conferences that were especially interesting either for nostalgia or modern impact.
Published 08/12/24
https://youtu.be/0jX-2UYlf8Q This week on the podcast, we round out our takeaways from the Black Hat and Def Con security conferences in Las Vegas. We go through 4 talks across both conferences that were especially interesting either for nostalgia or modern impact.
Published 08/12/24
On this episode of the podcast, we have another recap from the BlackHat security conference in Las Vegas. This time we discuss a new initiative to protect the world from deepfakes, followed by a penetration testing engagement that proved immutable backups doesn't always mean available backups.
Published 08/10/24
https://youtu.be/4IWdQ249z_M On this episode of the podcast, we have another recap from the BlackHat security conference in Las Vegas. This time we discuss a new initiative to protect the world from deepfakes, followed by a penetration testing engagement that proved immutable backups doesn't always mean available backups.
Published 08/10/24
On this episode of the podcast, we cover our two favorite briefings from the first day at the Black Hat security conference. We start with our thoughts on "shadow resources" in cloud environments before giving an update to last week's episode with additional research into AI-as-a-Service attacks.
Published 08/08/24
https://youtu.be/cEiPjW_STUU On this episode of the podcast, we cover our two favorite briefings from the first day at the Black Hat security conference. We start with our thoughts on "shadow resources" in cloud environments before giving an update to last week's episode with additional research into AI-as-a-Service attacks.
Published 08/08/24
https://youtu.be/PTm87MQS-Z8 This week we will be attending Hacker Summer camp in Las Vegas. We will be publishing a recap each day focusing on our key takeaways.
Published 08/06/24
https://youtu.be/AMwgW11DT1c This week on the episode, we walk through CrowdStrike's preliminary post incident report to understand exactly what happened during the July 19th outage and what all software vendors can learn from the event. After that, we cover a clever plot that lead to KnowBe4 hiring a North Korean threat actor. We end with some research from Wiz on Artificial Intelligence tenant isolation.
Published 07/29/24
This week on the episode, we walk through CrowdStrike's preliminary post incident report to understand exactly what happened during the July 19th outage and what all software vendors can learn from the event. After that, we cover a clever plot that lead to KnowBe4 hiring a North Korean threat actor. We end with some research from Wiz on Artificial Intelligence tenant isolation.
Published 07/26/24
In this daily security byte with WatchGuard CSO, Corey Nachreiner, he explains the recent Global IT outage cause by a CrowdStrike update. We also follow-up on RockYou and the RockYou2024 data dump of 10 billion records.
Published 07/20/24