Paul's Security Weekly

Govt Unravelling, AI Hijinx, Bot Chaos, Recall, Oracle, Slopesquatting, Tycoon 2FA, College, who knows, a lot more... On Paul's Security Weekly.

Visit https://www.securityweekly.com/psw for all the latest episodes!

In the security news this week: You should really just patch things, the NVD backlog, Android phones with malware pre-installed, so convenient, keyloggers and a creepy pharmacist, snooping on federal workers, someone stole your browser history, NSA director fired, deputy director of NSA also fired, CrushFTP the saga continues, only steal the valid credit cards, another post that vanished from the Internet, hiding in NVRAM, protecting the Linux kernel, you down with MCP?, more EOL IoT, bypassing kernel protections, when are you ready for a pen test, red team and bug bounty, what EDR is really missing, and based on this story you should just patch everything all the time!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Rob Allen, Chief Product Officer at Threatlocker joins us for an interview segment on using AI in security products: What works and what's not fully baked! Then in the security news, There are more holes in your boot...loader according to Microsoft, related: Secure Boot is in danger and no one is really talking about it (still), Dear Microsoft: I don't want to send you my data, I don't grant you remote access, and I don't want to create a MS account, CrushFTP has to crush some bugs, bypassing unprivileged user namespace restrictions, FBI raids, attackers using your GPU, Find My anything, protecting GlobalProtect, the exploits will continue until things improve, your call records were not protected, good vs. bad drivers, AI is hacking AI, time traveling attacks, and a bizarre call for security researchers.

This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

How do we handle scope creep for vulnerabilities?, find the bugs before it hits the real world, risk or hype vulnerabilities, RTL-SDR in a browser, using AI to hack AI and protect AI, 73 vulnerabilities of which 0 patches have been issued, Spinning Cats, bypassing WDAC with Teams and JavaScript, Rust will solve all the security problems, did you hear some Signal chats were leaked?, ingress nginx, robot dogs, what happens to your 23andme data?, Oracle's cloud was hacked, despite what Oracle PR says, inside the SCIF, and cvemap to the rescue.

Visit https://www.securityweekly.com/psw for all the latest episodes!

This week: Compliance, localization, blah blah, the Greatest Cybersecurity Myth Ever Told, trolling Microsoft with a video, Github actions give birth to a supply chain attack, prioritizing security research, I'm tired of 0-Days that are not 0-Days, sticking your head in the sand and believing everything is fine, I'm excited about AI crawlers, but some are not, Room 641A, a real ESP32 vulnerability, do we need a CVE for every default credential?, smart Flipper Zero add-ons, one more reason why people fear firmware updates, no more Windows 10, you should use Linux, and I have a Linux terminal in my pocket, now what?

Visit https://www.securityweekly.com/psw for all the latest episodes!

Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user’s need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic’s solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools.

In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"!

Segment Resources: * https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage * https://www.knostic.ai/what-we-do

Visit https://www.securityweekly.com/psw for all the latest episodes!

Hacking your mattress, Taylor Swift all the time, DNS sinkholes, throwing parties at rental properties, detect jamming, it took 18 years to hack, airtag hacks, undetectable weapons, RIP Skype, Cellebrite targets, upgrade ALL the things, Kali, Raspberry PIs, and M.2 hats, pirating music through a supply chain attack, Cisco small business and why you shouldn't use it, stop hacking Russia, Badbox is back, but it likely never left, and AI still Hallucinates!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Apple, the UK, and data protection, you can get pwned really fast, Australia says no Kaspersky for you!, the default password is on the Internet, topological qubits, dangerous AI tools, old software is not just old but vulnerable too, tearing down Sonic Walls, CWE is good but could be great, updating your pi-hole, should you watch "Zero Day"? my non-spoiler review will tell you, no more DBX hellow SBAT!, and I love it when chat logs of secret not-so-secret ransomware groups are leaked!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Our thoughts on Zero Trust World, and just a little bit of news. Of course we covered some firmware and UEFI without Paul!

Visit https://www.securityweekly.com/psw for all the latest episodes!

You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, patche Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, steam deck hacking and not what you think, Prompt Injection and Delayed Tool Invocation, new to me Ludus, Contec patient monitors are just insecure, Badbox carries on, the compiler saved me, and Telnet command injection!

Visit https://www.securityweekly.com/psw for all the latest episodes!