We chat with Material Security about protecting G Suite and MS365. How else are you monitoring the most commonly used cloud environments and applications? In the security news: Google Sues Badbox operators; Authenticated or Unauthenticated, big difference, and my struggle to get LLMs to create exploits for me; Ring cameras that were not hacked; Malicious AURs; Killing solar farms; Weak passwords are all it takes; Microsoft's UEFI keys are expiring; Kali Linux and Raspberry PI Wifi updates; Use lots of electricity, get a visit from law enforcement; Sharepoint, vulnerabilities, nuclear weapons, and why you should use the cloud; The time to next exploit is short; Sonicwall devices are getting exploited; How not to vibe code; SMS blasters. This segment is sponsored by Material Security. Visit https://securityweekly.com/materialsecurity to see purpose-built Google Workspace and Office 365 security in action! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-884
Cloak & Dagger with Thane Riddle is back! Join him for another whirlwind through the most important privacy & security news and practical tips. This week, he gives you the rundown on network privacy as the practical tip: keep your data, location, and life secure, no matter how you connect… The post Cloak & Dagger with Thane Riddle: Episode 6, Privacy & Security News, Networking/Network Privacy Tips, & More! appeared first on The Vonu Podcast.
We're back with a brand-new season of Random but Memorable! ✨
It's Tuesday night at the studio and we've got plenty of things to react to in the news, including word on a 2026 lawsuit that may force the truth about TWA 800 into the public record. After we are done with all of that and comments from the audience, we're checking in with James and Skip of https://patriot-protect.com/ with some Cyber Security news, plus some opinions on huge investments being made into AI Cities.
Regular listeners, brace yourselves: this time there is no news about the WebPKI. Instead, Christopher and Sylvester talk about the alleged 16-billion-credential leak and how it was inflated into a major event. They also cover a security vulnerability in the Linux kernel, or is it somewhere else? The kernel developers and the Ubuntu distribution disagree about that and fought the dispute out via CVE identifiers. Christopher also shares his impressions of the vulnerability ecosystem and how it overloads individual maintainers of open-source software. And finally, a Bluetooth vulnerability shines a spotlight on an industry in which the supply chain has become so opaque that it is impossible to say which devices are affected. - https://mjg59.dreamwidth.org/71646.html & https://mjg59.dreamwidth.org/71933.html - https://blog.cryptographyengineering.com/2025/06/09/a-bit-more-on-twitter-xs-new-encrypted-messaging/ - DNSSEC KSK Ceremony: https://www.iana.org/dnssec/ceremonies/57 - Greg Kroah-Hartman on kernel CVE practice: https://www.youtube.com/watch?v=u44eMQpGlxA&t=787s - https://heise.de/-9777933 - XKCD Dependency: https://xkcd.com/2347/ - Follow us on the Fediverse: * @christopherkunz@chaos.social * @syt@social.heise.de Members of our security community on heise security PRO can listen to all episodes two days early. More info: https://pro.heise.de/passwort
WE NEED YOU! Our 2025 listener survey is now live, and we'd love to hear from you. Whether you've been with us from episode one or just joined the chaos, your feedback will make the show even better.
Sponsored by SEC Playground
This episode features a longer conversation about what is actually a fairly marginal change in the WebPKI ecosystem. At Chrome's urging, CAs are removing a feature from TLS certificates that a few server operators used. Is it legitimate to use market power in this way, and is the justification sound? Sylvester and Christopher discuss this at length. Sylvester has also found a small, useful tool for Tor users called Oniux and, using a small error in the Tor Project's announcement article, explains what consequences it can have when a .onion URL mistakenly ends up at a DNS server. The hosts also look at the "busts" against cybercrime structures that distributed malware loaders and infostealers. Investigators and IT companies took down these criminal gangs on a large scale. And last but not least, there is ice cream with an incorrectly encoded & character... - Reddit AMA with Sylvester and Christopher: https://www.reddit.com/r/de_EDV/comments/1ksksrb/ama_mit_christopher_kunz_und_sylvester_tremmel_am/ - Digicert on X9 CA: https://www.digicert.com/blog/how-the-clientauth-crackdown-is-pushing-finance-toward-x9-pki - Oniux: https://blog.torproject.org/introducing-oniux-tor-isolation-using-linux-namespaces/ Members of our security community on heise security PRO can listen to all episodes two days early. More info: https://pro.heise.de/passwort
Random but Memorable turns 150! 1️⃣5️⃣0️⃣ (It's official, we're old.)
AI has taken us into uncharted territory.
"At least it doesn't get boring" could be the April verdict from an IT security perspective. And the two "Passwort" hosts once again find it easy to tell exciting security stories. Among other things, they cover a new form of supply-chain attack that exploits AI hallucinations of software libraries. Co-host Christopher also presents a tricky bypass of the USB lock on mobile devices, and Sylvester is annoyed about incomplete security patches from security appliance vendor Fortinet. Both agree once again on their perennial topic, though: a change to the WebPKI that has now been adopted meets with both hosts' approval. - ChoiceJacking talk at Black Hat: https://i.blackhat.com/Asia-25/Asia-25-Draschbacher-Watch-Your-Phone.pdf - EFF open letter in the Krebs matter: https://www.eff.org/press/releases/eff-leads-prominent-security-experts-urging-trump-administration-leave-chris-krebs - cku's (In-)Security Appliance Bingo: cku.gt/appbingo25 - Slopsquatting paper "We Have a Package for You": https://arxiv.org/abs/2406.10279 - OpenCVE installation guide: https://docs.opencve.io/deployment/ - Follow us on the Fediverse: @christopherkunz@chaos.social @syt@social.heise.de Members of our security community on heise security PRO can listen to all episodes two days early. More info: https://pro.heise.de/passwort
It's our World Password Day Special!
What's the best thing small businesses can do to improve their security posture?
Attention, the blood pressure pills are coming out! Christopher and Sylvester are annoyed about lax security practices at corporations and their opaque crisis PR. They are, however, pleased about plenty of listener feedback on past episodes and discuss changes in the certificate ecosystem. A very prominent but exemplarily handled phishing attack also comes up: the hosts explain why truly nobody should be ashamed of having fallen victim. - https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN - https://github.com/wesaphzt/privatelock - https://eylenburg.github.io/android_comparison.htm - https://samwho.dev/bloom-filters/ - https://github.com/mozilla/clubcard Members of our security community on heise security PRO can listen to all episodes two days early. More info: https://pro.heise.de/passwort
This episode we meet Chris McCarty, the inspirational student and founder of Quit Clicking Kids, an organization advocating for children's rights in the digital age. Learn about the rise of “sharenting” and how Chris is fighting for legislative changes to safeguard minors from exploitation on social media platforms. We cover everything from the permanence of online content to getting Gen Z proactive about their privacy. In Watchtower Weekly, we unpack Adolescence (the Netflix show everyone can't stop talking about) and how AI agents are being used to help overwhelmed cybersecurity professionals.
Surprise! In this bonus episode, Ralph Echemendia shares more of his experiences working as a Technical Supervisor on the Snowden movie.
Why does Hollywood get hacking wrong in so many movies and TV series?
What's it like to work as a CISO at a security company? This week, 1Password's VP of Security and CISO, Jacob DePriest, reveals all. Jacob also shares his advice for building strong security teams with diverse perspectives, backgrounds, and skillsets.
Social Security Administration Workers Can No Longer Read the News at Work. AOC showed how dumb Musk really is. Trump's lies on budget, taxes, economy, and taxes exposed.
* Social Security Administration Workers Can No Longer Read the News at Work: “Local news blocked,” one employee said. “So if there were a local shooting or something, I wouldn't be able to see.” * AOC showed how dumb Musk really is as she slammed her GOP colleagues for being Musk's lap dogs: AOC, in one setting, was able to show her Republican colleagues to be nothing more than Trump & Musk puppets. More importantly, Musk is not very smart. * Trump's lies on budget, taxes, economy, and taxes exposed in perfect chart form: Trump's presidential address was devoid of truth. Steve Rattner uses charts to call out his blatant lies on the budget, taxes, economy, and taxes. To hear more, visit egberto.substack.com
What's GhostGPT?
We're back!
Welcome to A Very (Artificial) Festive Special!
Bootkitties and Linux bootkits, Canada realizes banning Flippers is silly, null bytes matter, CVE samples, how dark web marketplaces do security, Perl code from 2014 and vulnerabilities in needrestart, malware in gaming engines, the nearby neighbor attack, this week in security appliances featuring Sonicwall and Fortinet, footguns, and get it off the freakin public Internet! Show Notes: https://securityweekly.com/psw-853
Our monthly news roundup discusses liability insurance for CISOs (if you are one, you should get it), serious intrusions of US telecom companies by Chinese state actors (according to the FBI), and a novel attack that leapt across multiple Wi-Fi networks. We also discuss significant vulnerabilities affecting Palo Alto Networks’ Expedition migration product, how fake...
Are the world's most popular websites using outdated password policies?
What's the true cost of a data breach?
Nerd-out with us this episode, as we dissect the fundamental problems and challenges with traditional passwords.
Are the frequent stories about data breaches in the news making us desensitized?
Are there personality traits that make some people more vulnerable to cyberattacks? We lift the lid on this and more in a one-of-a-kind interview with cyberpsychologist, Dr Erik Huffman. Tune in, as Erik unpacks the human-element of security, how AI is transforming social engineering, and how we can turn humans from the weakest security link into our greatest superpower. ⛓️
Today’s Packet Protector is an all-news episode. We cover the Volt Typhoon hacker group exploiting a zero-day in Versa Networks gear and a multitude of vulnerabilities in Zyxel network products. We also debate whether Microsoft’s endpoint security summit will be more than a public relations exercise, a serious backdoor in RFID cards used in offices...
Why should we stop using work laptops for personal use? Is your car sneakily selling your driving data? We answer all that and more in Watchtower Weekly.
How can we reimagine social media to make it safer for everyone? Tracy Chou is on a mission to do just that. Join Block Party founder, Tracy Chou, as she sits down with Roo to share her thoughts on privacy in an always online world and what led her to create Privacy Party: A tool that's reshaping the way we use social media and giving power back to the user.
What was the cause of the worst cyber event in history? In Watchtower Weekly, we unpack how a small bug in Crowdstrike software caused an outage apocalypse across the globe.
Strap yourselves in for a wild ride, as we kick off a new season with the incredible true story of the largest FBI sting operation ever. Cybersecurity author and journalist, Joseph Cox, unpacks his best-selling book, Dark Wire. Learn how the FBI built its own app to wiretap the world and turn the tide on the criminal underground, with privacy implications for everyone. Trust us, you won't want to miss this one.
Marcus J. Ranum's 2005 post on dumb ideas in computer security still holds up, Barry Jones argues why story points are useless, Posting is an HTTP client as a TUI, Varnish creator Poul-Henning Kamp (phk) reflects on ten years of working on the HTTP cache & es-toolkit is a major upgrade to Lodash.
It’s an all-news episode for this week’s Packet Protector podcast. We cover critical vulnerabilities in the MOVEit file transfer software and in thousands of ASUS routers, and a remote code execution vulnerability in a Windows wireless driver that you really should patch. We discuss a Wall Street Journal article about how AI tools are helping...
It's News Day Tuesday! Sam and Emma break down the biggest headlines of the day. First, Sam and Emma run through updates on Israel's advance on Rafah in the wake of Hamas accepting a ceasefire deal proposed by the US, the testimony of Stormy Daniels, Social Security, Boeing, Biden's support for Israel, Trump's legal woes, inter-state abortion immigration, the RNC, and MTG, before watching Brian Kilmeade attempt to spin Trump's ongoing trials into victories for Trump's enterprise. Next, they parse through the recent story around Hamas accepting a ceasefire-for-hostages deal, only for Israel to immediately turn around and kill the agreement as they moved forward with their invasion of Rafah, closing down Rafah crossing, demanding evacuation (from the last haven in Palestine), and separating families, in a desperate push to complete this ethnic cleansing. Sam and Emma look at the recent “warning” letter sent to the International Criminal Court by 12 GOP Senators (from McConnell to Cruz) threatening retaliation and worse if the ICC continues with its plan to issue arrest warrants for Bibi Netanyahu and Yoav Gallant, and tackle Biden's impending deadline to prove Israel's compliance with humanitarian law following the Leahy Law as they explore how the US' unwavering support for this genocide has only further weakened the international “rules-based” order that Biden supposedly sought to restore. After walking through the recent reports on the promising future of Social Security and Medicaid, and the importance of expanded IRS capacity, Sam and Emma wrap up the free half with a deep dive into the recent revelations around Henry Cuellar's corruption, and what that means for Democratic Party leadership's support for his reelection. 
And in the Fun Half: Sam and Emma discuss the controversy around Kristi Noem undertaking a typical matriarchal task (slaughtering the family puppy), Bernadette from New England dives into the classism ingrained in the US Healthcare system, and Osama from North Carolina asks about Egypt's potential in conflict with Israel. George Santos catches Nick Fuentes with a gotcha that could only stump a homophobic fascist, the right has a new solution for social alienation (a bogus male supplement), and Dan from Texas explores term limits for SCOTUS Justices. Clay from Minnesota discusses the administrative backlash to anti-war activism at Carleton College, plus, your calls and IMs!