Security Weekly Podcast Network (Audio)

In the security news:

• KVMs are a hacker's dream
• Hacking an e-scooter
• Flipper Zero alternatives
• The best authentication bypass
• Pwning Claude Code
• ForiSIEM, vulnerabilities, and exploits
• Microsoft patches and Secure Boot fun
• Making Windows great, again?
• Breaching the Breach Forum
• Congressional Emails
• unsolicited Instagram password reset requests - Is Meta doing enough to secure the platform?
• LLMs are HIPAA compliant?
• Threat acto...

The three proactive security principles of visibility, prioritization, and remediation have always been the foundation of vulnerability management teams. But these teams face continuous challenges. How do you address these challenges?

Erik Nost, Senior Analyst at Forrester, joins Business Security Weekly to break down the six questions that need to be answered for each proactive security principle: who, what, when, where, why, and ...

Not all infosec advice is helpful. Bad advice wastes time, makes people less secure, and takes focus away from making software more secure. Bob Lord talks about his efforts to tamp down hacklore -- the security myths and mistakes that crop up in news stories and advice to users. He talks about how these myths come about, why they're harmful, and how they're related to the necessity of building software that's secure by design.

Segm...

First Topic - Podcast Content Plans for 2026

Every year, I like to sit down and consider what the podcast should be focusing on. Not doing so ensures every single episode will be about AI and nobody wants that. Least of all, me. If I have one more all-AI episode, my head is going to explode.

With that said, most of what we talk about in this segment is AI (picard face palm.png). I think 2026 will be THE defining year for G...

This week in the security news:

• Supply chain attacks and XSS
• PS5 leaked keys
• Claude tips for security pros
• No Flipper Zeros allowed, or Raspberry PIs for that matter
• Kimwolf and your local network
• Linux is good now
• Removing unremovable apps without root
• Detecting lag catches infiltrators
• Defending your KVM
• Fixing some of the oldest code
• Deleting websites live on stage in costume
• It was a honeypot
• FCC is letting telecoms off ea...

Cyber threats and cyber criminals indiscriminately target the old as well as young regardless of race, creed or origin. Teens and young adults must realize that on the Internet nobody knows you’re a rat. How do we keep kids and young adults safe in an era of AI-driven attacks?

Tom Arnold, Adjunct Professor, Digital Evidence & Forensics, Cybersecurity Graduate Program at the University of Nevada Las Vegas, joins Business Security We...

Developers are adding LLMs to their code creation toolboxes, using them to assist with writing and reviewing code. Chris Wysopal talks about the security downsides of relying on LLMs and how appsec needs to adapt to dealing with more code at a faster pace.

Resources

• https://www.veracode.com/blog/genai-code-security-report/

• https://www.veracode.com/blog/ai-code-security-october-update/

• https://www.veracode.com/resources/a...

For our first episode of the new year, we thought it would be appropriate to dig into some cybersecurity predictions.

First, we cover the very nature of predictions and why they're often so bad. To understand this, we get into logical fallacies and cognitive biases.

In the next segment, we cover some 2025 predictions we found on the Internet.

In the final segment, we discuss 2026, drop some of our own predictions, and talk about wh...

Cloud breaches don’t always start in the cloud, but they do end there. To defeat an attacker you need to understand their mission target along with the access points available to them, regardless of whether they reside within or beyond the cloud. SentinelOne is purpose-built to stop attacks wherever they originate - from within and beyond the cloud. This year’s OneCon aims to showcase exactly how Singularity Cloud Security can be a...

Our field is booming! Cybersecurity jobs are projected to grow 33 percent through 2033, far outpacing the average 4 percent growth across all jobs. (And yes, those stats could be made up, but they sound nice, eh?) Yet newcomers often feel paralyzed by where to start. The truth? There's no single "right path," but there are proven strategies that work. The field needs people at all levels, and you don't need a four-year degree to br...

CISO pressures are on the rise - board expectations, executive alignment, AI, and personal liability - and that's all on top of your normal security pressures. With all these pressures, CISO burnout is on the rise. How do we detect it and help prevent it? Easier said than done. In this Say Easy, Do Hard segment, we tackle the health and wellness of the CISO.

In part 1, we discuss the increased pressures CISOs face. We all know them...

SentinelOne announced a series of new innovative designations and integrations with Amazon Web Services (AWS), designed to bring the full benefits of AI security to AWS customers today. From securing GenAI usage in the workplace, to protecting AI infrastructure to leveraging agentic AI and automation to speed investigations and incident response, SentinelOne is empowering organizations to confidently build, operate, and secure the ...

In an era dominated by AI-powered security tools and cloud-native architectures, are traditional Web Application Firewalls still relevant? Join us as we speak with Felipe Zipitria, co-leader of the OWASP Core Rule Set (CRS) project. Felipe has been at the forefront of open-source security, leading the development of one of the world's most widely deployed WAF rule sets, trusted by organizations globally to protect their web applica...

For this week's episode of Enterprise Security Weekly, there wasn't a lot of time to prepare. I had to do 5 podcasts in about 8 days leading up to the holiday break, so I decided to just roll with a general chat and see how it went.

Also, apologies, for any audio quality issues, as the meal I promised to make for dinner this day required a lot of prep, so I was in the kitchen for the whole episode! For reference, I made the recipe ...

You survived the click—but now the click has evolved. In Part 2, the crew follows phishing and ransomware down the rabbit hole into double extortion, initial access brokers, cyber insurance drama, and the unsettling rise of agentic AI that can click, run scripts, and make bad decisions for you. The conversation spans ransomware economics, why paying criminals is a terrible plan with no guarantees, and how AI is turning social engin...

The crew makes suggestions for building a hacking lab today! We will tackle:

• What is recommended today to build a lab, given the latest advancements in tech
• Hardware hacking devices and gadgets that are a must-have
• Which operating systems should you learn
• Virtualization technology that works well for a lab build
• Using AI to help build your lab

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Not...