Paul's Security Weekly (Audio)

Two parts to this episode: * Tech Segment: Updating Linux Systems - Beyond apt-get upgrade * Custom scripts for ensuring your Linux systems are up-to-date * topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions * Discussion Topic: Anti-Malware and/or EDR on Linux Platforms * PCI calls for scanning Linux systems * What tools exist for analyzing Linux systems? (AIDE, uac, chkrootkit) * Best Anti-Malware for Linux - Commercial tools, open-source, both, none? * ClamAV - fa-notify and the dangers Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-877 [https://securityweekly.com/psw-877]

In the security news: * Vicious Trap - The malware hiding in your router * Hacking your car * WSL is open-source, but why? * Using AI to find vulnerabilities - a case study * Why you should not build your own password manager * The inside scoop behind Lumma Infostealer * Hacking a smart grill * Hardcoded credentials on end of life routers and "Alphanetworks" * SIM swapping is still happening * LoRa for C2 * Russian drones use Telegram * Flipper Zero mod for the LOLZ * Signal blocks Recall * CISA loses more people Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-876 [https://securityweekly.com/psw-876]

This week in the security news: * Malware-laced printer drivers * Unicode steganography * Rhode Island may sue Deloitte for breach. They may even win. * Japan's active cyber defense law * Stop with the ping * LLMs replace Stack Overflow - ya don't say? * Aggravated identity theft is aggravating * Ivanti DSM and why you shouldn't use it * EDR is still playing cat and mouse with malware * There's a cellular modem in your solar gear * Don't slack on securing Slack * XSS in your mail * SIM swapping and the SEC * Ivanti and libraries * Supercomputers in space! Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-875 [https://securityweekly.com/psw-875]

This week in the security news: * Android catches up to iOS with its own lockdown mode * Just in case, there is a new CVE foundation * Branch privilege injection attacks * My screen is vulnerable * The return of embedded devices to take over the world - 15 years later * Attackers are going after MagicINFO * Hacking Starlink * Mitel SIP phones can be hacked * Reversing with Hopper * Supercharge your Ghidra with AI * Pretending to be an anti-virus to bypass anti-virus * macOS RCE - perfect colors * End of life routers are a hackers dream, and how info sharing sucks * Ransomware in your CPU * Disable ASUS DriverHub * Age verification and privacy concerns Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-874 [https://securityweekly.com/psw-874]

Security news for this week: * RDP and credentials that are not really revoked, and some RDP bitmap caching fun * Some magic info on MagicINFO * Vulnerability Management Zombies * There is a backdoor in your e-commerce * Airborne: vulnerabilities in AirPlay * Bring your own installer - crafty EDR bypass * The Signal clone used by US government officials: shocker: has been hacked * AI slop vulnerability reporting * Bricking iPhones with a single line of code * Hacking planet technology * Vibe hacking for the win? * Cybersecurity CEO arrested for deploying malware * Hello my perverted friend * FastCGI - fast, but vulnerable Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-873 [https://securityweekly.com/psw-873]