Security Weekly Podcast Network (Video)

Interview with Dimitri Sirota from BigID
Most organizations think AI risk lives in the model – or the identity. It doesn't. It lives in the data. In this episode, BigID's CEO reframes the conversation: why legacy access controls are breaking down, why visibility into sensitive data is the missing foundation, and what it takes to govern humans and machines under a single, accountable framework.
Segment Resources:
BigID's Agent Access Management Guide
BigID's podcast, CTRL + ALT + AI
This Week's Topic: Cascading Breaches
We're seeing more and more 3rd and 4th party attacks that chain through multiple layers of compromised tools and services. In this topic segment, we discuss the two main aspects of this trend:
How we can stop the chain of breaches from a third party library, vendor, or service provider
How this might get handled at the legal, contractual, and organizational levels
We discuss two big recent examples:
Sonicwall's 2025 breach of their cloud firewall configuration backup service
The compromise of Aqua Security's widely used Trivy open source tool
The Weekly Enterprise News
Finally, in the enterprise security news,
Funding and M&A courtesy of the Security, Funded newsletter
We have evidence that attackers are leveraging AI now (this sounds like old news, but there was little to no evidence before, when people were claiming this)
The Angry admin problem emerges again
Vulnerability information is getting crazy to keep up with
Breach information is getting crazy to keep up with
You can give your Agents an allowance now - don't spend it all in one place
Are vulnerabilities sparse or dense?
Mythos, as a model, isn't all that special
Deploy your own deception sensors!
Japan made something weird. Again.
All that and more, on this episode of Enterprise Security Weekly.
This segment is sponsored by BigID. Visit https://securityweekly.com/bigid to learn more about them!
Show Notes: https://securityweekly.com/esw-459

Cisco Catalyst, Canvas, Exchange 0-Days, BitLocker Bypass, Mini Shai Hulud, Node IPC, Patch Tuesday, GPT-5.5, Supply Chain Attacks, and More on the Security Weekly News
Show Notes: https://securityweekly.com/swn-581

This week:
New Yellowkey bitlocker bypass and what it means for you
Hackers can run you over with a robot lawnmower
FCC says new things about routers, again
Glitching with AI
almost no false positives
AI thought it was evil
DirtyFrag and the sad state of Linux LPEs
You can buy better tools, perfect security, and other lies
The Canvas breach
Hackers can still take over trains
Baby monitors, on the Internet!
dnsmasq flaws I am now paying attention to
Swordfish
A neat vulnerability for ransomware
Mythos, Curl, and how to do secure software
Various ways to use AI to find bugs, spoiler, you don't need Mythos
Show Notes: https://securityweekly.com/psw-926

Legal departments are under continual pressure to solve problems effectively and integrate innovative technology all while reducing costs and complexity. Enter cybersecurity, a complex and potentially costly risk. How should legal departments prepare?
Walter Wilkens, Head of Delivery, North America at DWF Legal Operations, joins Business Security Weekly to discuss how legal operations can help optimize your legal department by eliminating bottlenecks, identifying and fixinginefficiencies and developing processes tailored to enhance your team's performance. Walter will discuss how you can move from a lack of coordination to a structured legal operations to address cyber incidents before and after the event.
In the leadership and communications segment, The Art of Security: It Is Time to Rethink the CISO's Role, The Best Leaders Embrace the Role of Supporting Character, Empathetic Leadership Can Make or Break AI Adoption, and more!
Show Notes: https://securityweekly.com/bsw-447

Tomato, JDownloader, TempPCP, Bad Vibes, Dirty Frag, Marketing, Shai Haluds, Giedi Prime, Aaran Leyland, and More on the Security Weekly News.
Show Notes: https://securityweekly.com/swn-580