Paul's Security Weekly (Audio)

Security news for this week: * RDP and credentials that are not really revoked, and some RDP bitmap caching fun * Some magic info on MagicINFO * Vulnerability Management Zombies * There is a backdoor in your e-commerce * Airborne: vulnerabilities in AirPlay * Bring your own installer - crafty EDR bypass * The Signal clone used by US government officials: shocker: has been hacked * AI slop vulnerability reporting * Bricking iPhones with a single line of code * Hacking planet technology * Vibe hacking for the win? * Cybersecurity CEO arrested for deploying malware * Hello my perverted friend * FastCGI - fast, but vulnerable Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-873 [https://securityweekly.com/psw-873]

The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: * AI has rapidly shifted from novelty to an essential tool in security and other fields. * Paid AI versions offer significant advantages for professionals. * Legal, ethical, and copyright questions around AI-generated content remain unresolved. * Human skills, critical thinking, communication, and adaptability are more important than ever. * AI is a powerful assistant, but not a replacement for expertise, creativity, or judgment. * Fact-checking AI outputs and understanding bias are critical in the age of generative AI. This episode offers a comprehensive, practical, and philosophical look at how AI is reshaping security, education, and society, providing both optimism and caution for the future. Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-872 [https://securityweekly.com/psw-872]

The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patching is not enough, auditing the PHP source code, reading the MEGA advisories, threat actors lie about data breaches (you don't say?), the data breach that Hertz, CISA warns of ransomware, some can't get Ahold of data breaches, please don't let people take control of your PC over Zoom and Paul's hot takes on: 4chan hack, the CVE program, and Microsoft Recall! Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-871 [https://securityweekly.com/psw-871]

Govt Unravelling, AI Hijinx, Bot Chaos, Recall, Oracle, Slopesquatting, Tycoon 2FA, College, who knows, a lot more... On Paul's Security Weekly. Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-870 [https://securityweekly.com/psw-870]

In the security news this week: You should really just patch things, the NVD backlog, Android phones with malware pre-installed, so convenient, keyloggers and a creepy pharmacist, snooping on federal workers, someone stole your browser history, NSA director fired, deputy director of NSA also fired, CrushFTP the saga continues, only steal the valid credit cards, another post that vanished from the Internet, hiding in NVRAM, protecting the Linux kernel, you down with MCP?, more EOL IoT, bypassing kernel protections, when are you ready for a pen test, red team and bug bounty, what EDR is really missing, and based on this story you should just patch everything all the time! Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-869 [https://securityweekly.com/psw-869]