Security Weekly Podcast Network (Audio)

Bad Phones, Sarlaccs, Maine, Chinese Sites, Ivanti, GreatXML, Bitlocker, Peoplesoft, Josh Marpet, and More on this episode of the Security Weekly News.
Visit https://www.securityweekly.com/swn for all the latest episodes!
Show Notes: https://securityweekly.com/swn-589

In the security news:
Trolling Microsoft With Vulnerabilities
Fable 5 loves guardrails
Binwalk vulnerability
EMBA and local models
EDRChoker
AI worms
Interesting Arista vulnerability added to KEV
BOD 26-04 and stakeholder specific vulnerability categorization
Bring your own execution environment
Homelab tips
MikroTik routers as interceptors
Ivanti Sentry and irony
Smart TV botnets
Privacy laws
Solarwinds Serv-U lives on
More Cisco SD-WAN fun!
Russia can jam GPS
No nudes for you says UK Government
"Why would someone want to learn code when AI does it better and faster?"
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-930

AI is reshaping innovation as businesses embed it into core operations and move more processes online. This transformation is often seen as a tradeoff between innovation and data risk, but that assumption is wrong. Businesses can innovate and scale in the AI era while maintaining strong data security, ensuring protection, compliance, and control remain intact.
Segment Resources:
Check out these assets from Fortra for more information around Data Security for AI.
Learn more about our Data Security suite: https://www.fortra.com/solutions/data-protection
Get the ungated guide: Secure AI Innovation > https://www.fortra.com/resources/guides/secure-ai-innovation
Read the blog: Staying Compliant While Using AI: What CISOs Need to Know https://www.fortra.com/blog/staying-compliant-while-using-ai-what-cisos-need-know
This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them!
In the leadership and communications segment, Lost in translation: Cybersecurity board reporting for CISOs, AI may finally unlock the cyber budgets CISOs have wanted for years, How People Actually Get to the C-Suite in S&P 500 Companies, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw-451

Geinbot, SolarWinds, Brave, UNK_Deaddrop, durabletask, Insta, Aaran Leyland, and More on the Security Weekly News.
Visit https://www.securityweekly.com/swn for all the latest episodes!
Show Notes: https://securityweekly.com/swn-588

Most AppSec teams are working through more findings than their teams can validate. SAST surfaces thousands of potential issues. DAST generates alert volume that outpaces triage capacity. Somewhere in that output are the vulnerabilities that matter, the ones that are actually exploitable in production. This conversation explores why automated testing often stops short of the hardest part of the job: proving what is real. We dig into how business logic flaws and authorization vulnerabilities get missed by tools that scan without reasoning, what exploit validation looks like at runtime, and how security engineers are shifting toward findings that developers will actually act on.
The segment is sponsored by XBOW. Visit https://securityweekly.com/xbow to see how autonomous AI pentesting delivers expert-quality findings in hours with real exploit validation your team can actually act on.
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-386