In the security news:

• When in doubt, blame DNS, you're almost always correct
• How to Make Windows 11 great, or at least suck less
• CSRF is the least of your problems
• Shady exploits
• Linux security table stakes (not steaks)
• The pill camera
• Give AI access to your UART
• Security products that actually try to be secure?
• Firmware vulnerabilities, lots of them
• Teams is spying on you
• More details on PolarEdge
• VSCode, marketplaces, and developers at risk
• Cisco SNMP flaw used to deploy malware
• The 90's called, they want their exploits back

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/psw-897

First up is a technical segment on UEFI shells: determining if they contain dangerous functionality that allows attackers to bypass Secure Boot.

Then in the security news:

• Your vulnerability scanner is your weakest link
• Scams that almost got me
• The state of EDR is not good
• You don't need to do that on a phone or Raspberry PI
• Hash cracking and exploits
• Revisiting LG WebOS
• Hardening Docker images
• Hacking Moxa NPort
• Shoddy academic research
• The original sin of computing
• Bodycam hacking
• A new OS for ESP32
• The AI bubble is going to burt
• Mobile VPNs are not always secure

Show Notes: https://securityweekly.com/psw-896

This week we kick things off with a special interview: Kieran Human from Threat Locker talks about EDR bypasses and other special projects. In the security news:

• Hacking TVs
• Flushable wipes are not the only problem
• People just want to spy on their pets, except the devices can be hacked
• Linux EDR is for the birds
• What does my hat say
• we love exploits and hashes
• ESP32s in your router
• RF signal generator on a PI Zero
• Mic-E-Mouse and other things that will probably never happen, until they do
• Hacking with money
• Uninitialized variables and other things the compiler should catch
• Breaking out of the shell
• Hacking with sound, for real, not just another side channel attack
• Bring back 2G
• When the game engine gets hacked
• Oracle 0-days

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/psw-895

In addition to some fun news, we get a Mary Ann Davidson as a surprise guest. We even get a great quote from her of "You're never going to have enough cybersecurity people to defend what was never built to be defensible.".

Show Notes: https://securityweekly.com/psw-894

Broadcom, LastPass, Brickstone, SEO Poisoning, QR codes, H1B visas, Distributed Computing, and More...

Show Notes: https://securityweekly.com/psw-893

This week's technical segment is all about the T-Lora Pager from Lilygo, and really cool Meshtastic device that can also be used for some hacking tasks! In the security news:

• Your safe is not safe
• Cisco ASA devices are under attack
• VMScape
• HybridPetya and UEFI attacks in the wild
• Eveything is a Linux terminal
• Hackers turns 30
• Hosting websites on disposable vapes
• NPM worms and token stealing
• Attackers make mistakes too
• AI podcasts

Show Notes: https://securityweekly.com/psw-892

This week:

• Americans Can't Hack It
• Copy and paste to get malware
• Pixel 5 web servers - because you can
• How they got in and why security is hard
• Vulnerability management is failing - is it dead yet?
• Exploiting hacker tools
• Bluetooth spending spree!
• How to defend your car
• IoT security solutions and other such lies
• Exploiting IBM i (formerly AS/400)
• Vibe coding vulnerabilities
• Plex is hacked again
• Bill's emoji
• ICE spies on phones
• Hackers be hackin' FreePBX

Show Notes: https://securityweekly.com/psw-891

In the secure news:

• Automakers respond to Flipper Zero attacks
• More on the unconfirmed Elastic EDR 0-Day
• When Secure Boot does its job too well
• Crazy authenitcation bypass
• Hacker ultimatums
• AI Slop
• Impatient hackers
• Linux ISOs are malware
• Attackers love drivers
• Hacking Amazon's Eero, the hard way
• Exploits will continue until security improves
• The Salesloft breach
• TP-Link Zero Days
• US DoD using Russian software?
• The Lasagna DoS attack

Show Notes: https://securityweekly.com/psw-890

Rob Allen joins us to discuss the importance of security research teams, and some cool stuff they've worked on. Then, in the Security News:

• Flipper Zero, unlocking cars: The saga continues
• The one where they stole the vulnerabilities
• ESP32 Bus Pirates
• AI will weaponize everything, maybe
• What are in-the-wild exploits?
• Docker and security boundaries, and other such lies
• AI-powered ransomeware
• BadCAM, BadUSB, and novel defenses
• 5G sniffers
• Jeff breaks down all the breach reports
• AI in your browser is a bad idea
• And How to rob a hotel - a nod to the way hacking used to be

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/psw-889

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them!

Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including:

• Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations
• How leaked playbooks, chats, and toolkits can inform detection and response
• Practical steps to defend against modern ransomware tactics in 2025

In the security news:

• Practical exploit code
• Old vulnerabilities, new attackers
• AI and web scraping - the battle continues
• 0-Days: You gotta prove it
• WinRAR 0-Day
• LLM patch diffing
• $20 million bug bounty
• Your APT is showing
• Hacking from the routers
• Its that easy eh?
• NIST guidance on AI
• Words have meaning
• Developers knowingly push vulnerable code
• My Hackberry PI post is live: https://eclypsium.com/blog/build-the-ultimate-cyberdeck-hackberry-pi/

Resources:

• Inside the LockBit Leak: Rare Insights Into Their Operations: https://flashpoint.io/blog/inside-the-lockbit-leak/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR
• 2025 Ransomware Survival Guide: https://flashpoint.io/resources/e-book/2025-ransomware-survival-guide/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR
• AI and Threat Intelligence: The Defenders’ Guide https://go.flashpoint.io/ai-and-threat-intelligence-guide?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR

Show Notes: https://securityweekly.com/psw-888