This week in the security news:

• Citrixbleed 2 and so many failures
• Ruckus leads the way on how not to handle vulnerabilities
• When you have no egress
• Applocker bypass
• So you bought earbuds from TikTok
• More gadgets and the crazy radio
• Cheap drones and android apps
• Best Mario Kart controller ever
• VSCode: You're forked
• Bluetooth earbuds and vulnerabilities
• Do you remember Sound blaster cards?
• NFC passport chips
• Whack-a-disk

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-882

This week, we dive into the world of Meshtastic and LoRa—two technologies empowering secure, long-range, and infrastructure-free communication. We'll talk about the origins of Meshtastic, how LoRa radio works, and why mesh networking is revolutionizing off-grid messaging for adventurers, hackers, emergency responders, and privacy advocates alike. We break down the available hardware, walk you through firmware installation, and share real-world use cases of LoRa to create decentralized, encrypted networks. Whether you’re a hacker, a prepper, or just curious about the future of resilient communication, this episode is packed with insights and practical tips you won’t want to miss!

This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-881

This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integration of open source tools in enhancing security measures. The conversation delves into various aspects of cybersecurity, focusing on aircraft tracking, data filtering, the evolution of vulnerability management, and the role of AI in enhancing security measures. The speakers discuss the challenges posed by default credentials and the shared responsibility model in cloud infrastructure. They also explore the limitations of AI in cybersecurity and the potential for future advancements, particularly in localized LLMs. The conversation delves into the intersection of technology, cybersecurity, and privacy, exploring the implications of AI on energy demands, vulnerabilities in telecom infrastructure, the complexities of network maintenance, and the challenges of ransomware negotiations. The discussion also touches on privacy concerns related to data tracking by major tech companies like Meta and Apple, as well as the evolving landscape of legal implications in the face of cyber threats.

This segment is sponsored by runZero. Get complete visibility across your total attack surface in literally minutes - no agents, no authentication required. Start a free trial or access the free Community Edition at https://securityweekly.com/runzero.

HD Moore joins us to discuss finding all the things and how vulnerability management has changed. In the security news:

• Hacking from a light bulb
• Reverse engineering, the easy ways
• Detecting Jitter
• FCC probes into Cyber Trust Mark
• Bluetooth Jamming
• New Wifi Apple features: What could go wrong?
• Just turn off the Internet for the entire country
• Meta's Localhost tracking
• Hacking printers, for realz this time
• Are we not patching 2023 CVEs?
• Cleaning up legacy drivers
• One of the Best Hackers in the Country is an AI Bot

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-880