In this episode of Below the Surface, the team discusses recent cybersecurity trends, including the Verizon DBIR 2026 report, secure boot certificate expirations, and the evolving threat landscape with AI and hardware vulnerabilities. They explore how organizations can adapt their defense strategies to stay ahead of attackers and share insights on supply chain security and malware analysis.

• https://eclypsium.com/blog/microsoft-secure-boot-certificates-expire-2026/
• https://eclypsium.com/blog/verizon-dbir-2026/
• https://github.com/iss4cf0ng/OpenPetya
• https://gbhackers.com/exploit-f5-big-ip-ssh-access/
• https://www.microsoft.com/en-us/security/blog/2026/05/22/from-edge-appliance-to-enterprise-compromise-multi-stage-linux-intrusion-via-f5-and-confluence/
• https://cybersecuritynews.com/china-linked-hackers-target-southeast-asian-edge-routers/
• https://qiita.com/Y4er/items/0b6071745e4b7b240b3e
• https://www.greynoise.io/blog/sonicwall-scanning-spike-echoes-pattern-preceded-cve-2026-0400
• YellowKey update: https://www.reddit.com/r/sysadmin/comments/1tkq3x9/yellowkey_bitlocker_exploit_repo_taken_down/

Chapters

00:00 Introduction and Technical Issues 02:56 Verizon DBIR Insights 05:50 Trends in Vulnerability Management 09:04 The Role of AI in Cybersecurity 12:11 Challenges in Vulnerability Management 14:46 Secure Boot Certificates and Their Implications 29:52 Managing Updates and Security Risks 32:57 The Open Petya Project: A Historical Perspective 36:11 Understanding the Yellow Key Attack 39:34 The Dilemma of Independent Researchers 41:34 The Future of Bug Bounty Programs 43:59 The Evolving Landscape of Vulnerabilities 49:51 Visibility Challenges in Network Security 56:16 The Need for Better Information Sharing