Paul's Security Weekly

The cybersecurity industry is undergoing a consolidation wave that is moving far faster than many realize. This isn’t at all about CISOs wanting fewer tools as much as some would like to think - the changes are happening at the macro level. Ross Haleliuk joins BSW to present the most comprehensive illustration ever made of how our industry has consolidated over the past 20 years, showing how 200 companies turned into just 11. Then we cover our quarterly Security Money segment. The markets are on a high, but the Security Weekly 25 index dips. What's up? We'll dig into the latest earnings and news for both the public and private security markets. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-411

I talk to Rinoa Poison about scambaiting, identity, and all sorts of things. Check it out. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-508

In this must-see BlackHat 2025 interview, Doug White sits down with Michael Callahan, CMO at Salt Security, for a high-stakes conversation about Agentic AI, Model Context Protocol (MCP) servers, and the massive API security risks reshaping the cyber landscape. Broadcast live from the CyberRisk TV studio at Mandalay Bay, Las Vegas, the discussion pulls back the curtain on how autonomous AI agents and centralized MCP hubs could supercharge productivity—while also opening the door to unprecedented supply chain vulnerabilities. From “shadow MCP servers” to the concept of an “API fabric,” Michael explains why these threats are evolving faster than traditional security measures can keep up, and why CISOs need to act before it’s too late. Viewers will get rare insight into the parallels between MCP exploitation and DNS poisoning, the hidden dangers of API sprawl, and why this new era of AI-driven communication could become a hacker’s dream. Blog: https://salt.security/blog/when-ai-agents-go-rogue-what-youre-missing

Interview with Dave Lewis on Security's Role in M&A Due Diligence In this episode, Dave Lewis from 1Password discusses the critical importance of security in mergers and acquisitions, from due diligence through integration. He explores common pitfalls, essential security assessments, and practical strategies for security leaders to protect organizational value throughout the M&A process. Topic: The Challenge of Breach Transparency Every industry concerned with safety has a process for publishing the details of accidents, incidents, and failures. Cybersecurity has yet to reach this milestone, and hiding the details of failures is holding us back. This talk will argue for the need for breach details to go public, and share strategies for finding and using some little-known sources of detailed breach data. Weekly Enterprise News Finally, in the enterprise security news, A funding, a few acquisitions, and an IPO for the first time in forever! Attackers are really actually starting to use AI now Some rese

Porn bombing the celestial zoom room and Astro Oblivion, FreePBX, GitHub, OWASP, Promptlock, Claude Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-507

Rob Allen joins us to discuss the importance of security research teams, and some cool stuff they've worked on. Then, in the Security News: Flipper Zero, unlocking cars: The saga continues The one where they stole the vulnerabilities ESP32 Bus Pirates AI will weaponize everything, maybe What are in-the-wild exploits? Docker and security boundaries, and other such lies AI-powered ransomeware BadCAM, BadUSB, and novel defenses 5G sniffers Jeff breaks down all the breach reports AI in your browser is a bad idea And How to rob a hotel - a nod to the way hacking used to be This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-889

Securing top-tier cybersecurity leadership is not just a necessity but a significant challenge, especially when working within budget constraints. Should you hire a full-time CISO or outsource to a vCISO provider? Brian Haugli, CEO at SideChannel, joins BSW to discuss how organizations can hire a Virtual CISO (vCISO) to benefit from their expertise without the costs and resource requirements of a full-time hire. Brian will share: Current vCISO trends What to look for in vCISO services Who fits/doesn't fit as a vCISO vCISOs can be an effective solution for organizations that need to enhance their security program or respond to a breach, but know what to look for. If you're in the market for vCISO services or want to become a vCISO, don't miss this interview. In the leadership and communications segment, Boards should bear ultimate responsibility for cybersecurity, From WannaCry to AI: How CISOs Became Strategic Leaders, The Best Leaders Edit What They Say Before They Say It, and more! Visit https://www.secur

Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-506

The EU Cyber Resilience Act joins the long list of regulations intended to improve the security of software delivered to users. Emily Fox and Roman Zhukov share their experience education regulators on open source software and educating open source projects on security. They talk about creating a baseline for security that addresses technical items, maintaining projects, and supporting project owners so they can focus on their projects. Segment resources: github.com/ossf/wg-globalcyberpolicy github.com/orcwg baseline.openssf.org Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-345

Interview with Harish Peri from Okta Oktane Preview: building frameworks to secure our Agentic AI future Like it or not, Agentic AI and protocols like MCP and A2A are getting pushed as the glue to take business process automation to the next level. Giving agents the power and access they need to accomplish these lofty goals is going to be challenging, from a security perspective. How do put AI agents in the position to perform broad tasks autonomously without granting them all the privileges? How do we avoid making AI agents a gold mine for attackers - the first place they stop once they hack into our companies? These are some examples of the questions Okta aims to answer at this year’s Oktane event, and we aim to kick off the conversations a little early - with this interview! Segment Resources: Check out securityweekly.com/oktane for all our live coverage during the event this year! More information about the event and how you can attend can be found here: https://www.okta.com/oktane/ AI at Work 2025: Sec

Humans wiped out by 2040, Okta, Elastic, Bad Bots, Berserk Bear, Siemens, Philip K. Dick, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-505

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them! Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including: Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations How leaked playbooks, chats, and toolkits can inform detection and response Practical steps to defend against modern ransomware tactics in 2025 In the security news: Practical exploit code Old vulnerabilities, new attackers AI and web scraping - the battle continues 0-Days: You gotta prove it WinRAR

The industry is obsessed with vulnerabilities. From vulnerability assessment to vulnerability management to exposure management and even zero days, we love to talk about vulnerabilities. But what about misconfiguration? By definition it's a vulnerability or weakness, but it doesn't have a CVE (common vulnerability enumeration). Should we ignore it? Danny Jenkins, CEO and Founder at ThreatLocker, joins BSW to discuss why misconfigurations matter. Simply, you can prevent many cyberattacks by eliminating your misconfigurations. That's why ThreatLocker released Defense Against Configurations (DAC). Danny will discuss the benefits of DAC, including: Immediate visibility into system misconfigurations before they become vulnerabilities Compliance transparency, showing exactly where systems fall short of industry standards One unified view, with filters by criticality, system, and framework Actionable insights, updated weekly and delivered straight to customers’ inboxes Segment Resources: https://www.threatlocker

The cult of Doug, Crime, Pipemagic, Clickfix, Cats in Space, Uncle Silvio, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-504

A smaller attack surface should lead to a smaller list of CVEs to track, which in turn should lead to a smaller set of vulns that you should care about. But in practice, keeping something like a container image small has a lot of challenges in terms of what should be considered minimal. Neil Carpenter shares advice and anecdotes on what it takes to refine a container image and to change an org's expectations that every CVE needs to be fixed. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-344

Interview with Snehal Antani - Rethinking Risk-Based Vulnerability Management Vulnerability management is broken. Organizations basically use math to turn a crappy list into a slightly less crappy list, and the hardest part of the job as a CIO is deciding what NOT to fix. There has to be a better way, and there is... Segment Resources: https://horizon3.ai/intelligence/blogs/vulnerability-management-is-broken-there-is-a-better-way/ This segment is sponsored by Horizon3.ai. Visit https://securityweekly.com/horizon3 to learn more about them! Topic - Andy Ellis's Black Hat Expo Experience Andy Ellis visited every booth at Black Hat. Every. Single. One. He wrote up what he learned and we discuss his findings! https://www.duha.co/state-of-security-vendors-blackhat-2025/ News Finally, in the enterprise security news, Tons of handy new and free tools! is cybersecurity really at the latter stages of consolidation? new books is our obsession with risk quantification hurting our credibility? AI trends is there an im

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-503

We kick things off with a deep dive into the Hackberry PI and how to build one. Then in the security news: Will Perplexity buy Chrome? ESP32 Bus Pirates Poisoned telemetry Docker image security Fully Open Source Quantum Sensors Securing your car, Flippers, and show me the money Bringing your printer and desktop to Starbucks Paying a ransom? You need approval AI: Shield or Spear? No authentication? That's a problem Transient Bugs: A realistic threat? You can run Linux And who still uses AOL dial-up? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-887

As brands grow more digital, the threats grow more personal. Attackers impersonate executives, spin up fake websites, and leak sensitive data — hurting business reputations and breaking customer trust. How do you defend your organization's reputation and customers' trust? Santosh Nair, Co-Founder and CTO at Styx Intelligence, joins Business Security Weekly to discuss how to defend trust and reputation in the age of AI. Santosh will cover both the company and executive challenges of defending against the latest AI attacks, including: Impersonations and Deepfakes Employee Scams Financial Fraud Segment Resources: - https://styxintel.com/blog/what-is-brand-protection/ - https://styxintel.com/blog/brand-impersonation-hurts-business/ - https://styxintel.com/blog/social-engineering-tactics/ In the leadership and communications section, Mind the overconfidence gap: CISOs and staff don’t see eye to eye on security posture, Your AI Strategy Needs More Than a Single Leader, Avoid These Communication Breakdowns When La

300 Baud, Buddy Hackett Nudes, Dell, badUSB, Exchange, Erlang/OTP, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-502