Paul's Security Weekly (Audio)

* Why should hate AI * When firmware attacks * The 300 second breach * Old ways still work, AI might help * And so begins the crawler wars * Turn off your SonicWall VPN * Your Pie may be wrapped in PII * Attackers will find a way * Signed kernel drivers * D-Link on the KEV * Rasperry PIs attack * Stealthy LoRa * LLM's don't commit code, people do * Jame's Bond style rescue with drones * SRAM has no chill * In the full view of the public... Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-886 [https://securityweekly.com/psw-886]

In the security news: * Hacking washing machines, good clean fun! * Hacking cars via Bluetooth * More Bluetooth hacking with Breaktooth * Making old vulnerabilities great again: exploiting abandoned hardware * Clorox and Cognizant point fingers * AI generated Linux malware * Attacking Russian airports * When user verification data leaks * Turns out you CAN steal cars with a Flipper Zero, so we're told * The UEFI vulnerabilities - the hits keep coming * Hijacking Discord invites * The Raspberry PI laptop * The new Hack RF One Pro * Security appliances still fail to be secure * Person Re-Identification via Wi-Fi Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-885 [https://securityweekly.com/psw-885]

We chat with Material Security about protecting G Suite and MS365. How else are you monitoring the most commonly used cloud environments and applications? In the security news: * Google Sues Badbox operators * Authenticated or Unauthenticated, big difference and my struggle to get LLMs to create exploits for me * Ring cameras that were not hacked * Malicous AURs * Killing solar farms * Weak passwords are all it takes * Microsoft's UEFI keys are expiring * Kali Linux and Raspberry PI Wifi updates * Use lots of electricity, get a visit from law enforcement * Sharepoint, vulnerabilities, nuclear weapons, and why you should use the cloud * The time to next exploit is short * Sonicwall devices are getting exploited * How not to vibe code * SMS blasters This segment is sponsored by Material Security. Visit https://securityweekly.com/materialsecurity [https://securityweekly.com/materialsecurity] to see purpose-built Google Workspace and Office 365 security in action! Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-884 [https://securityweekly.com/psw-884]

In the security news: * The train is leaving the station, or is it? * The hypervisor will protect you, maybe * The best thing about Flippers are the clones * Also, the Flipper Zero as an interrogation tool * Threats are commercial and open-source * Who is still down with FTP? * AI bug hunters * Firmware for Russian drones * Merging Android and ChromOS * Protecting your assets with CVSS? * Patch Citrixbleed 2 * Rowhammer comes to NVIDIA GPUs * I hear Microsoft hires Chinese spies * Gigabyte motherboards and UEFI vulnerabilities * McDonald's AI hiring bot: you want some PII with that? Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-883 [https://securityweekly.com/psw-883]

This week in the security news: * Citrixbleed 2 and so many failures * Ruckus leads the way on how not to handle vulnerabilities * When you have no egress * Applocker bypass * So you bought earbuds from TikTok * More gadgets and the crazy radio * Cheap drones and android apps * Best Mario Kart controller ever * VSCode: You're forked * Bluetooth earbuds and vulnerabilities * Do you remember Sound blaster cards? * NFC passport chips * Whack-a-disk Visit https://www.securityweekly.com/psw [https://www.securityweekly.com/psw] for all the latest episodes! Show Notes: https://securityweekly.com/psw-882 [https://securityweekly.com/psw-882]