In this segment, we are going to discuss linux security and using the Rust programming language with an Offensive MindSet, and our guest Charles Shirer!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw761

This week in the Security News: A Security Maturity Model for Hardware Development, Palo Alto Networks fixed a high-severity auth bypass flaw in PAN-OS, New UEFI rootkit Black Lotus offered for sale at $5,000, What are SBOMS, & Critical Remote Code Execution issue impacts popular post-exploitation toolkit Cobalt Strike   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw760

Chris Crowley, SOC-Class Course Author, SANS Senior Instructor, and Consultant at Montance® LLC, joins PSW to discuss SOC training and development best practices, including insights from the SANS annual SOC survey.   This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw760

Michael Meis, associate CISO at the University of Kansas Health System, joins PSW to discuss how the history of warfare has influenced modern-day cybercrime and how cyber leaders can shift to a victory mindset.   This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw760

This week in the Security News: The secrets of Schneider Electric’s UMAS protocol, Pixel 6 bootloader: Emulation, Securing Developer Tools: A New Supply Chain Attack on PHP, Microsoft Exchange double zero-day – “like ProxyShell, only different”, Tech Journalists Offered Bribes to Write Articles for Major Outlets, & Detecting Deepfake Audio!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw759

As Vice President of Threat Research & Intelligence at BlackBerry, Ismael Valenzuela leads threat research, intelligence, and defensive innovation. Ismael has participated as a security professional in numerous projects around the world for over the past two decades. In this episode, Ismael discusses his journey to become a top cybersecurity expert. We also explore the cybersecurity trends he and his team are seeing, and how cyber attackers are gaining a foothold and maintaining persistence. Segment Resources: https://www.blackberry.com/us/en/company/research-and-intelligence https://blogs.blackberry.com/en/2022/09/the-curious-case-of-monti-ransomware-a-real-world-doppelganger https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw759

In the Security News: deep access, dell drivers for the win, detecting deep fakes with acoustic tracking, exchanging 0days, I got 99 embedded firmware security problems, executing in SMM, secure boot to the rescue, automation or a crappy pen test, PHP supply chain attacks, pig butchering, fake profiles, & bribing journalists!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw758

Red Balloon Security CEO Ang Cui has spent over a decade looking into the most critical devices supporting our infrastructure. He explains why the insight that launched his company still holds true, and what it will take for security experts, manufacturers and end users to resolve our insecure stasis. Segment Resources: https://redballoonsecurity.com/ https://ofrak.com/ https://github.com/redballoonsecurity/ofrak https://redballoonsecurity.com/def-con-30-badge-fun-with-ofrak/ https://www.wired.com/story/ofrak-iot-reverse-engineering-tool/ https://www.bloomberg.com/news/articles/2022-01-11/researchers-show-how-hackers-can-cut-the-lights-with-rogue-code   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw758

This week, we're joined by Casey Ellis to discuss a Telco breach from a land down under, UK government sits out bug bounty boom but welcomes vulnerability disclosure, Karakurt Data Extortion Group, Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack, being caught with your pants down, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw757

Hackers rarely break through crypto or exploit fancy zero days. Most of the time they simply login using stolen credentials. Managing passwords, keys and other forms of secrets does not work at scale. In this segment we’ll look into a more radical approach to infrastructure security: getting rid of secrets entirely and moving to access control based on physical properties of humans and machines.   This segment is sponsored by Teleport. Visit https://securityweekly.com/teleport to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw757

In the Security News: Bloodhound's blind spots, Interactable Giraffe, don't use open-source, it has too many vulnerabilities, MFA fatigue, tamper protection, use-after-freedom, how not to do software updates, hacking gamers, stealing Teslas, safer Linux, trojan putty, there's money in your account, game leak makes history, GPS jammers, Uber blames LAPSUS, spying on your monitor from a zoom call, next-generation IPS with AI and ML for zero day exploit detection, 3D printed meat, and what to do when the highway is covered with what is usually kept in the nightstand... Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw756

Sinan Eren, the VP of Zero Trust at Barracuda joins to discuss various aspects of MFA Fatigue & Authentication with the PSW crew! Segment Resources: https://assets.barracuda.com/assets/docs/dms/NetSec_Report_The_State_of_IIoT_final.pdf This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw756

In the Security News: you liked the browser so much we put a browser in your browser, hackers are using sock puppets, the patch that kills performance, detect eavesdroppers, no more passwords, one-click account hijack thanks to JavaScript, the return of Shakata Ga Nai, GIFShell (or is it jifshell), Lexmark firmware confusion, and searching for a long lost copy of OS/2!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw755

Analyst burnout and the talent shortage are creating environments where teams are stressed out, overwhelmed, and frustrated. Security Operations managers (or anyone managing teams of security analysts) must empower their analysts with solutions that can make them more effective at their job. No-code automation is the ultimate solution to do that. Segment Resources: https://www.tines.com/reports/voice-of-the-soc-analyst/   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw755

In the Security News: Lastpas breach, long live John McAfee, Macs getting fewer updates, CPE correlating to CVE, clicky clicky hacks, anti-cheat is not anti-hack, new LVFS release, $8 million zero day, don't sign crappy code, a very handy PI and a site that lets you send poop anonymously is hacked (it was a pretty crappy exploit)!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw754

Training and education is a constant conversation within the cybersecurity community, but it doesn't have to be a hard problem to solve. We will discuss how to bring both valuable and actionable information into the industry and how that makes an impact, even in unexpected ways -- for better or for worse. Segment Resources: https://youtube.com/johnhammond010   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw754

This week in the Security News: Crypto Miners Using Tox P2P Messenger as Command and Control Server, 8-year-old Linux Kernel flaw DirtyCred is nasty as Dirty Pipe, & Janet Jackson music video given CVE for crashing laptops, & more! Segment Resources: Use code "securityweekly" to save 10% off Hack Red Con tickets at https://www.hackredcon.com/   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw753

There's a lot of worry about "fakes" especially in a world rapidly adopting AI/ML, so it's time for solutions. "Solid" is the W3C open standard, extending HTTPS, to upgrade the Web with security paradigms that solve for data integrity. Distributed systems naturally break through digital moats, free control through proper ownership, thus helping expand and achieve the best of the Internet.   Segment Resources: https://solidproject.org/ https://github.com/inrupt https://www.flyingpenguin.com/?p=29523 https://alltechishuman.org/davi-ottenheimer https://www.schneier.com/blog/archives/2020/02/inrupt_tim_bern.html https://events.inrupt.com/dublin   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw753

Larry, Doug, Lee, Josh, and Chris Blask cover the security news! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw752

We don’t like it, but the hopeful internet we envisioned doesn’t look much like the internet as it exists today. Online conflict is widespread and at times the internet hurts more than it helps. In this podcast, we’ll discuss ways to inform today’s enterprise defense by better understanding strategy, tactics and operational art from government influence operations, electronic warfare, and cyberspace operations.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw752

We welcome the infamous Eclypsium security researchers Mickey and Jesse to talk about Secure Boot vulnerabilities. They walk us through the history of Secure Boot, how it works, previous research they've performed ("Boothole"), and some details on their current research presented at Defcon this year in a talk titled "One bootloader to rule them all".    Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw751

In the Security News, key fob hacks and stealing cars, the best Black hat and defcon talks of all-time, open redirects are still open, the keys to decrypt the wizard of oz are in a strange place, why the Linux desktop sucks, why businesses should all switch to Linux desktops, SGX attacks, let me send you an Uber to take you to the bank, 27-factor authentication, start your management engines, and guess what, your DMs are not private and you should have used Signal.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw751

In the Security News: when hackers are not behind and outage, when hackers are behind re-routing traffic, neat pseudo-keystroke loggers, when XSS leads to code excution, TLS inside, post-quantum encryption that doesn't hold up to pre-quantum computers, Lockbit loading Cobalt Strike using Windows Defender, we love authentication bypass, and impress your co-workers with my Linux command of the week, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw750

Guy will go through some of his career choices that eventually led to 25 years in a long and fun career in information and cybersecurity. Infosec has been a fascinating and challenging field which anyone can learn through training and some of the excellent YouTube videos.   Segment Resources: http://handlers.sans.org/gbruneau/ https://isc.sans.edu/handler_list.html#guy-bruneau   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw750

In the Security News FreeBSD and the software supply chain, open-source implies that its open, hardcoded passwords are always bad, on-again, off-again, on-again, privilege escelation defined, preparing for quantum, so many vulnerabilities, CosmicStrand another UEFI firmware rootkit, & reviving ancient computers!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw749

We’ve heard about the recent abuses for Apple’s AirTags used in tracking and stalking issues in recent months. While tools exist for detection under the Apple ecosystem, limited options exist for Android and none under Linux. We’ll explore the AirTag beacons and showcase some tools for detecting beacons and creating our own for testing under Linux. We’ll also show some ways to take our methods even further as an exercise left unto the reader.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw749

In the Security News for this week: heat waves and outages, GPS trackers are vulnerable, cracks in the Linux firewall, bas password crackers, microcode decryptors, SATA antennas, Okta vulnerabilities not vulnerabilities, updates on former CIA agent and Vault 7 leaks, decompiler explorer, and Tuxedo brings to market a liquid cooled laptop, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw748

We are thrilled to welcome Lesley (@hacks4pancakes) back to the show! In this segment, we'll dig into some ICS security topics including some recent threats, monitoring ICS networks for security, incident response for ICS, and more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw748

In the Security News for this week: Raspberry Pi Pico W Adds Wireless, Apple expands commitment to protect users from mercenary spyware, UK health authorities slammed for WhatsApp use in pandemic, Three UEFI Firmware flaws found in tens of Lenovo Notebook models, & a Hack Allows Drone Takeover Via ‘ExpressLRS’ Protocol!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw747

Andy will explain the origin story of BloodHound, as well as where the project is today and where it's going in the future. Andy will also share his current research surrounding Azure attack paths. Segment Resources: https://github.com/BloodHoundAD/BloodHound https://medium.com/p/82667d17187a   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw747

This week in the Security News: Chaining Zoom bugs is possible to hack users in a chat by sending them a message, Microsoft vulnerabilities down for 2021, CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog, Using NMAP to Assess Hosts in Load Balanced Clusters, Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw742

John will go through his mostly random career choices that led to a long and fun career in information/cybersecurity - and how that ties into today's demand to secure the increase complex supply web of chains.   Segment Resources: SANS Cyberstart initiative - https://www.cyberstartamerica.org/   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw742

In the Security News for this week: ICS training bill, 5 myths, VoIP devices and ransomware, miracle exploits, UnRAR and Zimbra, guess what the most common weakness is, security at the device level is NOT simple, keys to the kingdom, and HP says Destructive firmware attacks pose a significant threat to businesses!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw746

Veteran cybersecurity journalist and author Joseph Menn, now at the Washington Post, talks about his books and the best reporting on hacking and defense today. Since he began writing on the subject in 1999, Menn has broken some of the biggest stories in the industry and written two of most widely read books in the Cybersecurity Canon.   Segment Resources: https://www.amazon.com/Joseph-Menn/e/B001HD1MF6%3Fref=dbs_a_mng_rwt_scns_share https://www.washingtonpost.com/technology/2022/05/01/russia-cyber-attacks-hacking/ https://www.reuters.com/investigates/special-report/usa-politics-beto-orourke/ https://www.reuters.com/article/us-usa-security-rsa/exclusive-secret-contract-tied-nsa-and-security-industry-pioneer-idUSBRE9BJ1C220131220 https://www.reuters.com/article/microsoft-china/insight-microsoft-failed-to-warn-victims-of-chinese-email-hack-former-employees-idUKL1N14I1LU20151231 https://www.wired.com/story/cult-of-the-dead-cow-at-stake-hackers-excerpt/   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw746

In the Security News for this week: appliances with holes, gamification and its pitfalls, false rocket sirens, PHP strikes again, new laws we may actually agree with, hacking jacuzzis, Icefall and the state of ICS security, Adobe is blocking anti-virus, Mega is Mega insecure, Microcorruption CTF and DIY NSA playset!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw745

Many people think security is too difficult to learn because it is such a big field, and constantly growing. But it's endlessly fascinating and surprising, once you learn some fundamentals and get used to feeling stupid. My task is to help people get started, and learn how to appreciate this complex and challenging topic.   Segment Resources: https://samsclass.info/ https://infosecdecoded.com/   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw745

This week in the Security News: Big DDOS, tracking smartphones, play Doom in your BIOS, hertzbleed, Apple M1 vulnerability, who will buy NSO, spoof your location data, building system attacks, and a hacker's revenge!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw744

Michigan has a group of volunteers who assist local governments and public services with incident response. The program is relatively mature, and will be presented (along with those of Ohio and Wisconsin) at the upcoming National Governors Association Cybersecurity Summit. Come hear the interview and scoop the governors!   Segment Resources: Our home page http://micybercorps.org Our supporting legislation https://www.legislature.mi.gov/documents/mcl/pdf/mcl-Act-132-of-2017.pdf Our partner organization https://www.michigan.gov/dtmb/services/cybersecurity/cyber-partners Key article in moving our development forward - https://warontherocks.com/2018/01/estonias-approach-cyber-defense-feasible-united-states/ An article with more info https://www.lawfareblog.com/bridging-state-level-cybersecurity-resources   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw744

This segment will be an opportunity to discuss web application client-side security with subject matter expert Matt McGuirk from Source Defense. Modern web applications have a massive and misunderstood attack surface that exists within the webpages they serve. Potential discussion topics: - A visual overview of the problem - A simulated client-side attack - How to evaluate client-side risk on a given web site - What technologies are available to defend against client-side attacks - Historical case studies of landmark attacks   Segment Resources: "Magecart 101" - a courseware-style overview of the problem for security practioners: https://www.youtube.com/watch?v=T4al8idAE_M A quick five minute explainer on the problem and Source Defense's solution: https://www.youtube.com/watch?v=f8MO45EQcKY Source Defense's brand new (as of 5/25/22) "State of the Industry" report for client-side security: https://info.sourcedefense.com/third-party-digital-supply-chain-report-white-papere   This segment is sponsored by Source Defense. Visit https://securityweekly.com/sourcedefense to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw743

This week in the Security News: Analyzing chat logs with Python, consumer reports for IoT, hypothetically BS, the year of the Linux desktop and the year of Linux malware are the same, do you trust Google to tell you open-source software is secure?, Twitter fines, WSL attack vector, Follina, UK Government still won't pay a bounty, and ransomware that makes you a better person!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw743

In the Security News for this week: Singapore launches safety rating system for e-commerce sites, Watch Out for Zyxel Firewalls RCE Vulnerability, New Bluetooth hack that can unlock your Tesla, Hackers Compromise a String of NFT Discord Channels, a pentester’s attempt to be ‘as realistic as possible’ backfires, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw741

In this segment Saumil Shah joins us for a discussion on Firmware Security, complete with a fascinating first-hand demonstration!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw741

The past year has been filled with incredible changes in the cyber security landscape from ICS, Mobile, Cloud, and increased threats from Ransomware. This discussion will focus on crucial and quick discussions surrounding the cyber landscape that has changed quickly and forced organizations to consider revamping many of their policies and preparations. Join us for a humorous, and insightful journey back over the past year filled with examples for practitioners, organizations, and those just starting in cyber security.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw741

In the Security News for this week: Colonial Pipeline facing $1,000,000 fine, cybercrime tracking bill signed into law, Lincoln College Set to Close After Crippling Cyberattack, Nvidia’s LHR limiter bypassed, & North Carolina Becomes the First State to Prohibit Public Entities from Paying Ransoms!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw740

In-depth look at destructive malware and other threats the Barracuda team has been monitoring that you need to be aware of.   This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw740

In the Security News for this week: Lessons from Star Wars on threats, more than just your thermal exhaust port, Pegasus spotted again, Python replaces JavaScript?, Read-Only containers, no problem for malware, breaking out of captive portals, its always DNS, except when its not DNS, but this time its DNS and uClibc, you are ordered to block these sites, ransomeware still hurts, DoD contractors remain vulnerable, hiding in network appliances, QUIETEXIT, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw739

Especially ICS represents a significant exposure to property and business operations. A scientific research-based approach to loss prevention for traditional property perils can be applied to help protect companies from cyber risk to keep their businesses more resilient.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw739

This week in the Security News: Java’s “psychic paper”, Musk’s plans for Twitter’s algorithm, Bossware, What Google is getting wrong about expired domains, & NFT Tweet Auctions, Silk Road Seizures, 0-Days, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw738