https://youtu.be/3fX7LRXi74I This week on the podcast, we cover a research post that describes a code injection vulnerability caused by the way nearly every high level programming language runs on Windows. We also discuss a series of vulnerabilities in LG televisions that allow remote attackers to root the device before ending with a chat about new adversarial tactics for delivering malware via GitHub ..read more

https://youtu.be/0860ZmM1vgE This week on the podcast, we cover a software supply chain attack years in the making that was days away from a devastating global impact. After that, we cover Facebook's Project Ghostbusters and its impact on user privacy before ending with another software supply chain attack that successfully compromised developers in the gaming world ..read more

https://youtu.be/VqFnomsJzdA This week on the podcast we discuss a vulnerability in required commercial truck hardware that could enable an automatically propagating worm across the entire US. Before that, we cover Apple's "un-patchable" vulnerability in their M-series processors as well as a vulnerability that could let attackers unlock hotel room doors at will ..read more

https://youtu.be/iYM3y85hEkM This week on the podcast, we're joined by Ryan Estes, a member of WatchGuard's Zero-Trust Application Service classification team and resident ransomware expert to discuss the wild month in ransomware news. We start the episode with a story about a fake ransomware operator that scammed cybercriminals out of tens of thousands of dollars before discussing two major Ransomware-as-a-Service operators that have had a pretty rough couple of weeks ..read more

https://youtu.be/GaX_8NOoq7w This week on the podcast, we cover an international law enforcement takedown of the LokBit ransomware group's infrastructure. After that, we cover a novel malware delivery vector involving an IoT "toy." We end the podcast by covering the latest White House Executive Order addressing cybersecurity in critical infrastructure ..read more

https://youtu.be/3SY1sDF-BA0 This week on the podcast we cover Canada's attempt to ban the Flipper Zero. Before that, we review a recent research post on a new class of vulnerability on the Ubuntu operating system. We end the episode with a chat bout a the impacts of artificial intelligence on data security. Menlo Report on Business AI Usage - https://info.menlosecurity.com/rs/281-OWV-899/images/How-employee-usage-of-generative-AI-is-impacting-security-posture.pdf?version=5 ..read more

https://youtu.be/VfKlq6DisLY This week on the podcast, we cover a recent news post about an army of 3 million compromised toothbrushes taking down a Swiss website, causing millions in damages. After that, we discuss the United States DOJ's latest botnet takedown, this time targeting Volt Typhoon. We end the episode by walking through a CISA joint-publication giving guidance on how to defend against Living-of-the-Land (LotL) attacks ..read more

https://youtu.be/fdAjMPAV6CM This week on the podcast, we cover two "Blizzard" threat actors targeting governments and private organizations. We also give an update to the SEC's compromised Twitter/X Account, and then end with a discussion of an EU program designed to improve their citizen's privacy while browsing the internet ..read more

https://youtu.be/jG3mwjCLpJQ This week on the podcast, we review a CISA and FBI joint advisory on the Androxgh0st malware. Before that we cover recent Volt Typhoon activity targeting SMB routers exposed on the internet. We end the episode with a fun research blog post about a series of flaws in an Indian insurance provider ..read more

https://youtu.be/3E_Ei9hgNzA This week on the podcast, we review NIST's new publication that defines a taxonomy for how we talk about Adversarial Machine Learning. Before that, we cover a recent discovery of threat actors retaining access to Google accounts even through a password reset. We round out the episode with an account compromise that lead to a surge in Bitcoin price before finishing with a discussion of Living-off-Trusted Sites (LoTS) attacks that leverage GitHub ..read more