AI-Obfuscating Malware, China Influence Ops, and Meta’s Fraud Fortune and Jason Wood - SWN #527
This week we have AI-Obfuscating Malware, China Influence Ops, and Meta’s Fraud Fortune, Jason Wood, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-527
--------
44:40
--------
44:40
Turning To The Darkside & AI Cyberslop - PSW #899
This week: Reversing keyboard firmware Ghost networks Invasion of the face changers Ghost tapping and whole lot of FUD AI doesn't code securely, but Aardvark can secure code De-Googling Thermostats Dodgy Android TV boxes can run Debian HackRF vs. Honda Cyberslop AI paper Turning to the darkside Poisoning the watering hole Nagios vulnerabilities VPNs are a target Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-899
--------
2:07:54
--------
2:07:54
Defense Against Configurations as CIOs and CISOs Show Value Through Risks and Metrics - Rob Allen - BSW #420
What's the biggest attack vector for breaches besides all of the human related ones (i.e., social engineering, phishing, compromised credentials, etc.)? You might think vulnerabilities, but it's actually misconfiguration. The top breach attack vectors are stolen or compromised credentials, phishing, and misconfigurations, which often work together. So why is it so hard to properly configure your systems? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss Defense Against Configurations and how ThreatLocker can automatically identify misconfigurations and map them to your environment’s compliance and security requirements. Rob will discuss how ThreatLocker Defense Against Configurations dashboard can: Identify misconfigurations before they become exploited vulnerabilities Monitor configuration compliance with major frameworks Receive clear, actionable remediation guidance and more! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, Cybersecurity management for boards: Metrics that matter, The Emotional Architecture of Leadership: Why Energy, Not Strategy, Builds Great Teams, Your Transformation Can’t Succeed Without a Talent Strategy, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-420
--------
49:31
--------
49:31
Rogue Negotiators, Gemini Pulled, Apple’s AI Shift, Disappearing CAPTCHAs, and More! - SWN #526
Rogue Negotiators, Gemini Pulled, Apple’s AI Shift, Disappearing CAPTCHAs, and Aaran Leyland on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-526
--------
32:31
--------
32:31
Researching and Remediating RCEs via GitHub Actions - Bar Kaduri, Roi Nisimi - ASW #355
Pull requests are a core part of collaboration, whether in open or closed source. GitHub has documented some of the security consequences of misconfiguring how PRs can trigger actions. But what happens when repo owners don't read the docs? Bar Kaduri and Roi Nisimi walk through their experience in reading docs, finding vulns, demonstrating exploits, and working with repo owners to improve their security. Their work highlights the challenges in maintaining good security guidance, figuring out secure defaults, and how so many orgs still struggle with triaging external security reports -- something that's becoming even more challenging when orgs are being flooded with low-quality reports from LLMs. Segment Resources: https://orca.security/resources/blog/pull-request-nightmare-github-actions-rce/ https://orca.security/resources/blog/pull-request-nightmare-part-2-exploits/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-355
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape.
Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
Escucha Security Weekly Podcast Network (Audio), Narcosistema con Anabel Hernández y muchos más podcasts de todo el mundo con la aplicación de radio.net
México