Security Weekly Podcast Network (Audio)

In the security news this week: Residential proxy abuse is everywhere this week: from Google’s takedown of IPIDEA to massive Citrix NetScaler scanning and the Badbox 2.0 botnet Supply chain fun time: Notepad++ updates were hijacked Attackers set their sights on: Ivanti EPMM, Dell Unity storage, Fortinet VPNs/firewalls, and ASUSTOR NAS devices Russian state hackers went after Poland’s grid Is ICE on a surveillance shopping spree and into hacking anti-ICE apps? Ukraine’s war-time Starlink problem is turning into a policy and controls experiment The AI security theme is alive and well with exposed LLM endpoints, OpenClaw/Moltbot/Moltbook fiasco, and letting anyone hijack agents Signed forensic driver for Windows is still an EDR killer The Trump administration’s rollback of software security attestation National Cyber Director Sean Cairncross says: “less regulation, more cooperation.” Finally, there are some “only in infosec” human stories: * pen testers arrested in Iowa now getting a settlement, * a Google engineer convicted over stolen AI IP, * Booz Allen losing Treasury work over intentional insider leaks, * and an “AI psychosis” saga at an adult-content platform. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-912

For decades, leadership was judged by outputs such as profit, speed, and results. But the real competitive advantage now lies beneath the surface of your P&L: Your culture, trust, and psychology driving every decision, including cybersecurity. Hacia Atherton, the author of The Billion Dollar Blind$pot, joins Business Security Weekly to discuss the invisible human costs — fear, burnout, disengagement — quietly draining performance. She will discuss the silent costs of outdated leadership and gives you a playbook to fix them for good, including: Self Leadership Psychological Success with Emotional Mastery Co-designing a Culture to Thrive Leaders need to turn emotional intelligence into a measurable business strategy. Because emotional intelligence isn’t optional anymore, it’s operational. Segment Resources: https://www.haciaatherton.com/ https://www.haciaatherton.com/billion-dollar-blindspot https://www.instagram.com/hacia.atherton/ In the leadership and communications segment, CEOs and CISOs differ on AI’s security value and risks, How to strategically balance cybersecurity investments, Succeeding as an Outsider in a Legacy Culture, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-433

DBII, Notepad++, Covenant, Fancy Bear, CTFs, Firefox, AI Slop, Josh Marpet, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-552

Everyone is turning to LLMs to generate code, including attackers. Thus, it's no great surprise that there are now examples of malware generated by LLMs. We discuss the implications of more malware with Rob Allen and what it means for orgs that want to protect themselves from ransomware. Resources https://www.bleepingcomputer.com/news/security/voidlink-cloud-malware-shows-clear-signs-of-being-ai-generated/ https://research.checkpoint.com/2026/voidlink-early-ai-generated-malware-framework/ https://cloud.google.com/blog/topics/threat-intelligence/threat-actor-usage-of-ai-tools/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-368

Segment 1: Interview with Warwick Webb From Initial Entry to Resilience: Understanding Modern Attack Flows Modern cyberattacks don’t unfold as isolated alerts--they move as coordinated attack flows that exploit gaps between tools, teams, and time. In this episode, Warwick Webb, Vice President of Managed Detection and Response at SentinelOne, breaks down how today’s breaches often begin invisibly, progress undetected through siloed security stacks, and accelerate faster than human response alone can handle. He’ll discuss how unified platforms, machine-speed detection powered by global threat intelligence, and expert-led response change the equation--turning fragmented signals into clear attack narratives. The conversation concludes with how organizations can move beyond incident response to build resilience, readiness, and continuous improvement through post-attack analysis. Listeners will leave with a clearer understanding of how attacks actually unfold in the real world—and what it takes to move from reactive alert handling to true attack-flow-driven defense. Segment Resources: Wayfinder MDR Solution Brief 451 MDR Report Managed Defense Redefined Blog This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them! Segments 2 and 3: The Weekly News In this week's enterprise security news, we’ve got funding free tools! the CISO’s craft agentic browsers tech companies are building cyber units? giving AI agents access to your entire life lots of dumpster fires in the industry today Cisco killed Kenna the state of AI in the SOC homemade EMP guns! don’t try this at home All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-444

The AI Grief Counselor Sketch, Fortinet, BSODs, WINRAR, Montreaux, Big Iron, Memory Prices, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-551

This week, we get un-curmudgeoned by Mandy, spending a bunch of time talking about regulations, compliance, and even the US federal government's commitment to cybersecurity internally and with the community at large. We even dive into some Microsoft patches, hacking defunct eScooters, and a lively discussion on ADS-B spoofing! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-911

The top social engineering attacks involve manipulating human psychology to gain access to sensitive information or systems. The most prevalent methods include various forms of phishing, pretexting, and baiting, which are often used as initial entry points for more complex attacks like business email compromise (BEC) and ransomware deployment. How do you control what users click on? Even with integrated email solutions, like Microsoft 365, you can't control what they click on. They see a convincing email, are in a rush, or are simply distracted. Next thing you know, they enter their credentials, approve the MFA prompt—and just like that, the cybercriminals get in with full access to users’ accounts. Is there anyway to stop this? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss how ThreatLocker Cloud Control leverages built-in intelligence to assess whether a connection from a protected device originates from a trusted network. By only allowing users from IP addresses and networks deemed trusted by ThreatLocker to get in—phishing and token theft attacks are rendered useless. So, no matter how successful cybercriminals are with their phishing attacks and token thefts—all their efforts are useless now. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, Finance and security leaders are at odds over cyber priorities, and it’s harming enterprises, The Importance of Strong Leadership in IT and Cybersecurity Teams, How CIOs [and CISOs] can retain talent as pay growth slows, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-432

Doombuds, Office 1.0, Telnetd, Chrome, Vishing, Cursed Ralph, PeckBirdy, The Boss, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-550

Supply chain security remains one of the biggest time sinks for appsec teams and developers, even making it onto the latest iteration of the OWASP Top 10 list. Paul Davis joins us to talk about strategies to proactively defend your environment from the different types of attacks that target supply chains and package dependencies. We also discuss how to gain some of the time back by being smarter about how to manage packages and even where the responsibility for managing the security of packages should be. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-367

Segment 1: Interview with Thyaga Vasudevan Hybrid by Design: Zero Trust, AI, and the Future of Data Control AI is reshaping how work gets done, accelerating decision-making and introducing new ways for data to be created, accessed, and shared. As a result, organizations must evolve Zero Trust beyond an access-only model into an inline data governance approach that continuously protects sensitive information wherever it moves. Securing access alone is no longer enough in an AI-driven world. In this episode, we’ll unpack why real-time visibility and control over data usage are now essential for safe AI adoption, accurate outcomes, and regulatory compliance. From preventing data leakage to governing how data is used by AI systems, security teams need controls that operate in the moment - across cloud, browser, SaaS, and on-prem environments - without slowing the business. We’ll also explore how growing data sovereignty and regulatory pressures are driving renewed interest in hybrid architectures. By combining cloud agility with local control, organizations can keep sensitive data protected, governed, and compliant, regardless of where it resides or how AI is applied. This segment is sponsored by Skyhigh Security. Visit https://securityweekly.com/skyhighsecurity to learn more about them! Segment 2: Why detection fails Caleb Sima put together a nice roundup of the issues around detection engineering struggles that I thought worth discussing. Amélie Koran also shared some interesting thoughts and experiences. Segment 3: Weekly Enterprise News Finally, in the enterprise security news, Fundings and acquisitions are going strong can cyber insurance be profitable? some new free tools shared by the community RSAC gets a new CEO Large-scale enterprise AI initiatives aren’t going well LLM impacts on exploit development AI vulnerabilities global risk reports floppies are still used daily, but not for long? All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-443

AI Cage Match, Fortinet, Cisco, DVWA, Polonium, Small Town AIs, LastPass, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-549

In the security news: Rainbow tables for everyone Lilygo releases a new T-Display that looks awesome AI generated malware for real Detecting BadUSB when its not a dongle A telnetd vulnerability Google Fast Pair and how I took control of your headset Should we make CVE noise? Exploiting the Fortinet patch DIY data diode Bambu NFC reader for your Flipper Payloads in PNG files Don't leave the lab door open - amazing research and new tool release Fixing your breadboards Finding vulnerabilities in AI using AI Then, Rob Allen from ThreatLocker joins us to discuss default allow, and why that is still a really bad idea. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-910

Key emerging risks include cybersecurity (41%) and Generative AI (Gen AI) (35%), both of which present challenges in skill development and retention. The growing reliance on external providers reflects these gaps. In two years, strategic risk has fallen 10% as technological advancements have shifted auditors’ attention away from strategy. So what are the top concerns? Tim Lietz, National Practice Leader Internal Audit Risk & Compliance at Jefferson Wells, joins Business Security Weekly to discuss the shifting priorities for internal audit leaders, with technology, business transformation and digitization remaining central amid rising economic uncertainty. This reflects the broader economic challenges and uncertainties that organizations are facing in the current environment. Tim will discuss the need for enhanced skills inAI, cybersecurity and digital transformation and why Internal Audit is increasingly seen as a strategic partner in navigating transformation within their organizations. Segment Resources: - https://www.jeffersonwells.com/en/internal-audit-report-2025 In the leadership and communications segment, Conventional Cybersecurity Won’t Protect Your AI, Will Cybersecurity Budgets Increase in 2026?, To Execute a Unified Strategy, Leaders Need to Shadow Each Other, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-431

Carla the Ogre, extensions, Crashfix, Gemini, ChatGPT Health, Dark AI, MCP, Joshua Marpet, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-548

MongoBleed and a recent OWASP CRS bypass show how parsing problems remain a source of security flaws regardless of programming language. We talk with Kalyani Pawar about how these problems rank against the Top 25 CWEs for 2025 and what it means for relying on LLMs to generate code. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-366

Segment 1 with Beck Norris - Making vulnerability management actually work Vulnerability management is often treated as a tooling or patching problem, yet many organizations struggle to reduce real cyber risk despite heavy investment. In this episode, Beck Norris explains why effective vulnerability management starts with governance and risk context, depends on multiple interconnected security disciplines, and ultimately succeeds or fails based on accountability, metrics, and operational maturity. Drawing from the aviation industry—one of the most regulated and safety-critical environments—Beck translates lessons that apply broadly across regulated and large-scale enterprises, including healthcare, financial services, and critical infrastructure. Segment 2 with Ryan Fried and Jose Toledo - Making incident response actually work Organizations statistically have decent to excellent spending on cybersecurity: they have what should be sufficient staff and some good tools. When they get hit with an attack, however, the response is often an unorganized, poorly communicated mess! What’s going on here, why does this happen??? Not to worry. Ryan and José join us in this segment to offer some insight into why this happens and how to ensure it never happens again! Segment Resources: [Mandiant - Best practices for incident response planning] (https://services.google.com/fh/files/misc/mandiantincidentresponsebestpractices_2025.pdf?linkId=19287933) Beyond Cyberattacks: Evolution of Incident Response in 2026 Segment 3 - Weekly Enterprise News Finally, in the enterprise security news, Almost no funding… Oops, all acquisitions! Changes in how the US handles financial crimes and international hacking Mass scans looking for exposed LLMs The state of Prompt injection be careful with Chrome extensions and home electronics from unknown brands Is China done with the West? All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-442

Miss Cleo, Whisperpair, Fortisiem, REDVDS, Google, Spying, Rob Allen from Threatlocker, and More on this episode of the Security Weekly News. Segment Resources: https://www.cybersecuritydive.com/news/telecom-ransomware-spike-cyble/809224/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-547

In the security news: KVMs are a hacker's dream Hacking an e-scooter Flipper Zero alternatives The best authentication bypass Pwning Claude Code ForiSIEM, vulnerabilities, and exploits Microsoft patches and Secure Boot fun Making Windows great, again? Breaching the Breach Forum Congressional Emails unsolicited Instagram password reset requests - Is Meta doing enough to secure the platform? LLMs are HIPAA compliant? Threat actors target LLM honeypots Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-909

The three proactive security principles of visibility, prioritization, and remediation have always been the foundation of vulnerability management teams. But these teams face continuous challenges. How do you address these challenges? Erik Nost, Senior Analyst at Forrester, joins Business Security Weekly to break down the six questions that need to be answered for each proactive security principle: who, what, when, where, why, and how. The introduction of generative AI (genAI) into proactive security promises to provide a broader and speedier ability to answer these questions, providing further opportunities for the proactive security market to grow. In the leadership and communications segment, What the CEO and C-Suite Must Ask Before Building an AI Enabled Enterprise, Don’t Underestimate the Value of Professional Friendships, What Kevin Bacon Can Teach You About Cybersecurity Career, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-430