Below the Surface (Audio) - The Supply Chain Security Podcast

Uncovering Firmware Risks: From Y2K to Modern Malware - BTS #73

55 min · 7 de may de 2026
Portada del episodio Uncovering Firmware Risks: From Y2K to Modern Malware - BTS #73

Descripción

In this episode of Below the Surface, hosts Paul Asadoorian, Chase Snyder, and guest Brian Richardson explore the evolution of firmware security, the risks of supply chain vulnerabilities, and the latest threats targeting network edge devices like Cisco ASA and FTD. They discuss historical malware like the Chernobyl virus, modern malware campaigns such as Firestarter, and the challenges of securing complex network infrastructure in a rapidly evolving threat landscape. Links: https://www.linkedin.com/news/story/white-house-pushes-back-on-anthropics-mythos-expansion-8741242/ https://www.tomshardware.com/tech-industry/cyber-security/the-chernobyl-virus-turned-27-today-and-it-could-brick-your-pc-in-ways-modern-malware-cant https://blog.talosintelligence.com/uat-4356-firestarter/ Chapters 00:00 Introduction to Below the Surface 02:20 Brian's Transition to Eclipseum 03:50 The Y2K Experience and Early Virus Detection 06:31 The CIH Virus and Its Impact 10:12 BIOS Security and Vulnerabilities 14:10 The Importance of Firmware Lockdown 18:09 Modern Threats and UEFI Attacks 22:13 Targeted Malware and Ransomware Risks 25:21 Creative Concepts in Cybersecurity 26:20 Emerging Threats: Firestarter Malware 30:54 The Security of Network Devices 35:17 Challenges in Managing Security Appliances 39:52 Persistence of Malware and Its Implications 43:02 The Evolving Landscape of Cyber Threats 49:44 AI and Cybersecurity: The Anthropic Dilemma

Comentarios

0

Sé la primera persona en comentar

¡Regístrate ahora y únete a la comunidad de Below the Surface (Audio) - The Supply Chain Security Podcast!

Prueba gratis

Empieza 7 días de prueba

$99 / mes después de la prueba. · Cancela cuando quieras.

  • Podcasts solo en Podimo
  • 20 horas de audiolibros al mes
  • Podcast gratuitos

Todos los episodios

77 episodios

episode FortiBleed Uncovered: How Attackers Harvest Credentials from Fortinet Devices - BTS #77 artwork

FortiBleed Uncovered: How Attackers Harvest Credentials from Fortinet Devices - BTS #77

In this episode, we delve into the recent FortiBleed campaign, exploring how attackers harvest credentials from Fortinet devices, the vulnerabilities in password management, and best practices for defenders to mitigate such threats. Key topics * FortiBleed campaign details and impact * Password hash vulnerabilities in FortiOS * AI's role in analyzing large security breaches * Credential harvesting techniques and defenses * Importance of layered security and best practices Chapters 00:00 Introduction and Initial Thoughts on AI Models 10:04 Credential Harvesting and Security Weaknesses 19:58 Hash Management and Security Appliances 30:15 Incident Response and Vulnerability Management 39:46 The Future of Security in the Age of AI

Ayer54 min
episode Binwalk, Brickstorm, AI Model Madness - BTS #76 artwork

Binwalk, Brickstorm, AI Model Madness - BTS #76

summary In this episode of Below the Surface, Paul Asadoorian, Chase Snyder, and Vlad Babkin discuss the implications of AI in cybersecurity, the challenges posed by AI guardrails, and the operational risks associated with applying patches. They also explore vulnerabilities in security tools like Binwalk, the complexities of firmware update tools, and the importance of transparency in software signing, particularly in the context of open source software. In this conversation, the speakers delve into the complexities of cybersecurity, focusing on the limitations of security through obscurity, the challenges posed by UEFI shells and secure boot, and the operational risks associated with DBX updates. They discuss the difficulties in vulnerability management and the role of AI in cybersecurity, highlighting how it may benefit attackers more than defenders. The conversation also touches on emerging threats like Brickstorm malware and the need to rethink edge device security in light of these challenges. Finally, they emphasize the necessity for all companies to adopt robust cybersecurity measures. Chapters 00:00 Introduction to Below the Surface Podcast 01:16 The Rise of AI and Its Implications 06:42 Challenges with AI Guardrails and Restrictions 10:53 Operational Risks in Cybersecurity 17:01 Vulnerabilities in Security Tools 20:11 Exploring Firmware Update Tools 29:07 The Importance of Open Source in Security 34:07 The Need for Transparency in Software Signing 35:12 The Fallacy of Security Through Obscurity 36:36 The Challenges of UEFI Shells and Secure Boot 39:58 The Complexity of DBX Updates and Operational Risks 43:20 The Difficulty of Vulnerability Management 48:11 AI's Role in Cybersecurity: A Double-Edged Sword 52:59 Emerging Threats: The Rise of Brickstorm Malware 55:54 Rethinking Edge Device Security 01:00:08 The Future of Cybersecurity Infrastructure

16 de jun de 20261 h 0 min
episode Secure Boot Certificates Expiring: What You Need to Know - BTS #75 artwork

Secure Boot Certificates Expiring: What You Need to Know - BTS #75

In this episode of Below the Surface, the team discusses recent cybersecurity trends, including the Verizon DBIR 2026 report, secure boot certificate expirations, and the evolving threat landscape with AI and hardware vulnerabilities. They explore how organizations can adapt their defense strategies to stay ahead of attackers and share insights on supply chain security and malware analysis. * https://eclypsium.com/blog/microsoft-secure-boot-certificates-expire-2026/ [https://eclypsium.com/blog/microsoft-secure-boot-certificates-expire-2026/] * https://eclypsium.com/blog/verizon-dbir-2026/ [https://eclypsium.com/blog/verizon-dbir-2026/] * https://github.com/iss4cf0ng/OpenPetya [https://github.com/iss4cf0ng/OpenPetya] * https://gbhackers.com/exploit-f5-big-ip-ssh-access/ [https://gbhackers.com/exploit-f5-big-ip-ssh-access/] * https://www.microsoft.com/en-us/security/blog/2026/05/22/from-edge-appliance-to-enterprise-compromise-multi-stage-linux-intrusion-via-f5-and-confluence/ [https://www.microsoft.com/en-us/security/blog/2026/05/22/from-edge-appliance-to-enterprise-compromise-multi-stage-linux-intrusion-via-f5-and-confluence/] * https://cybersecuritynews.com/china-linked-hackers-target-southeast-asian-edge-routers/ [https://cybersecuritynews.com/china-linked-hackers-target-southeast-asian-edge-routers/] * https://qiita.com/Y4er/items/0b6071745e4b7b240b3e [https://qiita.com/Y4er/items/0b6071745e4b7b240b3e] * https://www.greynoise.io/blog/sonicwall-scanning-spike-echoes-pattern-preceded-cve-2026-0400 [https://www.greynoise.io/blog/sonicwall-scanning-spike-echoes-pattern-preceded-cve-2026-0400] * YellowKey update: https://www.reddit.com/r/sysadmin/comments/1tkq3x9/yellowkey_bitlocker_exploit_repo_taken_down/ [https://www.reddit.com/r/sysadmin/comments/1tkq3x9/yellowkey_bitlocker_exploit_repo_taken_down/] Chapters 00:00 Introduction and Technical Issues 02:56 Verizon DBIR Insights 05:50 Trends in Vulnerability Management 09:04 The Role of AI in Cybersecurity 12:11 Challenges in Vulnerability Management 14:46 Secure Boot Certificates and Their Implications 29:52 Managing Updates and Security Risks 32:57 The Open Petya Project: A Historical Perspective 36:11 Understanding the Yellow Key Attack 39:34 The Dilemma of Independent Researchers 41:34 The Future of Bug Bounty Programs 43:59 The Evolving Landscape of Vulnerabilities 49:51 Visibility Challenges in Network Security 56:16 The Need for Better Information Sharing

3 de jun de 202655 min
episode YellowKey, CVE Enrichment, Chipmaker Breach - BTS #74 artwork

YellowKey, CVE Enrichment, Chipmaker Breach - BTS #74

In this episode, we explore recent vulnerabilities, the YellowKey BitLocker bypass, supply chain security, CVE data analysis, and the implications of hardware breaches like the one at Foxconn. We also delve into AI's role in vulnerability research and the evolving landscape of cybersecurity threats. Topics * https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth [https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth] * https://github.com/Nightmare-Eclipse/YellowKey [https://github.com/Nightmare-Eclipse/YellowKey] * https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack [https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack] * https://x.com/AlvieriD/status/2053835732658143416 [https://x.com/AlvieriD/status/2053835732658143416] Chapters 00:00 Introduction to Vulnerability Research and AI 03:42 NIST and CVE Growth Challenges 06:46 Building Tools for CVE Analysis 10:58 The Complexity of CVSS Scoring 15:08 CISA's Role in Vulnerability Enrichment 18:06 Challenges in CWE and CPE Data 19:55 The Future of Vulnerability Research 27:18 BitLocker Bypass: A Case Study 33:05 Exploring the Complexity of Windows Features 34:49 Speculation on Microsoft and Conspiracy Theories 35:57 The Impact of BIOS Passwords on Security 39:12 The Foxconn Breach: A Major Data Compromise 47:34 Supply Chain Attacks on Package Managers 51:13 Deceptive Techniques in Cybersecurity

19 de may de 202654 min
episode Uncovering Firmware Risks: From Y2K to Modern Malware - BTS #73 artwork

Uncovering Firmware Risks: From Y2K to Modern Malware - BTS #73

In this episode of Below the Surface, hosts Paul Asadoorian, Chase Snyder, and guest Brian Richardson explore the evolution of firmware security, the risks of supply chain vulnerabilities, and the latest threats targeting network edge devices like Cisco ASA and FTD. They discuss historical malware like the Chernobyl virus, modern malware campaigns such as Firestarter, and the challenges of securing complex network infrastructure in a rapidly evolving threat landscape. Links: https://www.linkedin.com/news/story/white-house-pushes-back-on-anthropics-mythos-expansion-8741242/ https://www.tomshardware.com/tech-industry/cyber-security/the-chernobyl-virus-turned-27-today-and-it-could-brick-your-pc-in-ways-modern-malware-cant https://blog.talosintelligence.com/uat-4356-firestarter/ Chapters 00:00 Introduction to Below the Surface 02:20 Brian's Transition to Eclipseum 03:50 The Y2K Experience and Early Virus Detection 06:31 The CIH Virus and Its Impact 10:12 BIOS Security and Vulnerabilities 14:10 The Importance of Firmware Lockdown 18:09 Modern Threats and UEFI Attacks 22:13 Targeted Malware and Ransomware Risks 25:21 Creative Concepts in Cybersecurity 26:20 Emerging Threats: Firestarter Malware 30:54 The Security of Network Devices 35:17 Challenges in Managing Security Appliances 39:52 Persistence of Malware and Its Implications 43:02 The Evolving Landscape of Cyber Threats 49:44 AI and Cybersecurity: The Anthropic Dilemma

7 de may de 202655 min