Paul’s Security Weekly (Video)
Technology
We discuss the always controversial Flipper Zero devices the hidden risks in the undersea cables, and the landscape of government oversight, revealing the intricacies of CVE, KEV, and NVD systems that are the linchpins of our digital safety. The conversation takes a turn to the practicalities of risk management and the impact of individuals on the industry, like Daniel from the curl project, striking a chord with the significance of cybersecurity vulnerabilities compared to environmental pollution. We tackle the challenges of vulnerability prioritization and the importance of a comprehensive approach to managing the ever-evolving threats that target our digital infrastructure.
(00:01) Security Practices and Flipper Zero (07:01) Technology and Privacy Concerns in Cars (17:33) Undersea Cables and NVD Issues (27:45) Government Oversight and Funding for Cybersecurity (33:33) Improving Vulnerability Prioritization in Cybersecurity (45:37) Risk Management and CVE Implementation (58:06) Cybersecurity Budget and Risk Management (01:10:48) Unique Challenges in Cybersecurity Industry (01:16:41) Discussion on Open Source and CNAs (01:26:44) Bluetooth Vulnerabilities and Exploits Discussed (01:39:46) Email Security and Compromised Accounts (01:46:23) Cybersecurity Threats and Vulnerabilities (01:52:06) GPU Security Vulnerabilities Explained
Show Notes: https://securityweekly.com/psw-821
ExpressLRS Protocol, Pi Pico W Wireless, Apple v. Spyware, & Lenovo UEFI Flaws - PSW #747
Six Degrees of BloodHound - Andy Robbins - PSW #747
Prank Calls, Lazarus APT, WordPress Critical Vulns, CISA Adds 41 Flaws, & Zoom Bugs - PSW #742
Building Career Links to Secure the Real Supply Chain - John Pescatore - PSW #742
Destructive Firmware, Keys to the Kingdom, the Device Level, & 5 CyberSec Myths - PSW #746
Cult of the Dead Cow & the Best Cybersecurity Journalism - Joseph Menn - PSW #746
Plastic Bags, NSA Playsets, Megs Insecure, PHP Strikes Back, & Gamification - PSW #745
Learning Should Be Fun - Sam Bowne - PSW #745
Big DDOS, Tracking Smartphones, BIOS Doom, NSO Buyer, & Android Children - PSW #744
We Help The Helpers; You Can Too! - Ray Davidson - PSW #744
Understanding WebApp Client-Side Security With Source Defense - Matt McGuirk - PSW #743
Charitable Ransomware, Year of Linux Malware, Follina MSDT, Twitter Fines, & Bounties - PSW #743
Windows GPU Display Vulns, NFT Discord Hack, Costa Rica Vs. Hackers, & Initial Access - PSW #741
Firmware Security - Saumil Shah - PSW #741
Year in Cyber Review 2021 - Robert Lee - PSW #741
Public Entities & Ransomware, Colonial Pipeline Fine, Nvidia's LHR Limiter, & BIG-IP - PSW #740
Destructive Malware & Other Threats to Watch - Fleming Shi - PSW #740
Lots of Star Wars, David Walden, Vulnerable Contractors, & Pirate Streaming - PSW #739
Risk Transfer With Engineering Based Cyber Insurance - Fatih Karayumak - PSW #739
Silk Road Seizure, Psychic Signatures, Twitter Algorithms, & Linux Desktops - PSW #738
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast