Paul’s Security Weekly (Video)
Technology
We discuss the always controversial Flipper Zero devices the hidden risks in the undersea cables, and the landscape of government oversight, revealing the intricacies of CVE, KEV, and NVD systems that are the linchpins of our digital safety. The conversation takes a turn to the practicalities of risk management and the impact of individuals on the industry, like Daniel from the curl project, striking a chord with the significance of cybersecurity vulnerabilities compared to environmental pollution. We tackle the challenges of vulnerability prioritization and the importance of a comprehensive approach to managing the ever-evolving threats that target our digital infrastructure.
(00:01) Security Practices and Flipper Zero (07:01) Technology and Privacy Concerns in Cars (17:33) Undersea Cables and NVD Issues (27:45) Government Oversight and Funding for Cybersecurity (33:33) Improving Vulnerability Prioritization in Cybersecurity (45:37) Risk Management and CVE Implementation (58:06) Cybersecurity Budget and Risk Management (01:10:48) Unique Challenges in Cybersecurity Industry (01:16:41) Discussion on Open Source and CNAs (01:26:44) Bluetooth Vulnerabilities and Exploits Discussed (01:39:46) Email Security and Compromised Accounts (01:46:23) Cybersecurity Threats and Vulnerabilities (01:52:06) GPU Security Vulnerabilities Explained
Show Notes: https://securityweekly.com/psw-821
Voltron, Karakurt Extortion, 1 Click Workaround, Snowden Citizenship, & Casey Ellis - PSW #757
The Role of Human Behavior in Security & the Future - Ev Kontsevoy - PSW #757
Firmware VS. Hardware, Tamper Protection, Hacking Gamers, & Unfortunate Spillage - PSW #756
MFA Fatigue & Authentication - Sinan Eren - PSW #756
Browser In Your Browser, Sock Puppets, Performance Killing Patches, & GIFShell - PSW #755
Using No-Code Automation to Tackle Analyst Burnout - Thomas Kinsella - PSW #755
Crappy Exploits, $8 Mil 0-Day, Mac Updates, & Anti-Cheat Is NOT Anti-Hack - PSW #754
Turning Cybersecurity Education Into Industry Impact - John Hammond - PSW #754
Mudge, Tox P2P Messenger, 8 Year Old Linux Flaws, Dirty Pipe, & Unix Legends - PSW #753
Data Integrity Lights the Way: Security With the Decentralized Web - Davi Ottenheimer - PSW #753
StarLink Hacks, Ramsomware Extortion, Signal/Twilio Compromise, Hacking Cars and Tractors - PSW #752
InfoSec Lessons from Military Strategy, Tactics, and Operational Art - Greg Conti - PSW #752
Not-So-Secure Boot - Jesse Michael, Mickey Shkatov - PSW #751
Unearthed Easter Eggs, Black Hat/DEF CON Talks, Decrypting Oz, & 27 Factor Auth - PSW #751
Re-Routing Traffic, Pseudo Keyloggers, TLS Inside, LockBit, Cobalt Strike & Defender - PSW #750
Career in Infosec, SANS Work, & End User Awareness Training - Guy Bruneau - PSW #750
FreeBSD, Steam Decks, Ancient Computers, UEFI Rootkits, & Office Macro Saga Continues - PSW #749
Apple Airtag Detection & Simulation - PSW #749
Linux Distros, The Linux Firewall, CIA Agents, Vault 7 Leaks, & The "Coolest" Laptop - PSW #748
ICS Security - Lesley Carhart - PSW #748
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast