Episodes

  • Turning To The Darkside & AI Cyberslop - PSW #899
    Nov 6 2025

    This week:

    • Reversing keyboard firmware
    • Ghost networks
    • Invasion of the face changers
    • Ghost tapping and a whole lot of FUD
    • AI doesn't code securely, but Aardvark can secure code
    • De-Googling Thermostats
    • Dodgy Android TV boxes can run Debian
    • HackRF vs. Honda
    • Cyberslop AI paper
    • Turning to the darkside
    • Poisoning the watering hole
    • Nagios vulnerabilities
    • VPNs are a target

    Visit https://www.securityweekly.com/psw for all the latest episodes!

    Show Notes: https://securityweekly.com/psw-899

    2 h 8 m
  • Defense Against Configurations as CIOs and CISOs Show Value Through Risks and Metrics - Rob Allen - BSW #420
    Nov 5 2025

    What's the biggest attack vector for breaches besides all of the human related ones (i.e., social engineering, phishing, compromised credentials, etc.)? You might think vulnerabilities, but it's actually misconfiguration. The top breach attack vectors are stolen or compromised credentials, phishing, and misconfigurations, which often work together. So why is it so hard to properly configure your systems?

    Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss Defense Against Configurations and how ThreatLocker can automatically identify misconfigurations and map them to your environment's compliance and security requirements. Rob will discuss how the ThreatLocker Defense Against Configurations dashboard can:

    • Identify misconfigurations before they become exploited vulnerabilities
    • Monitor configuration compliance with major frameworks
    • Receive clear, actionable remediation guidance

      and more!

    This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

    In the leadership and communications segment, Cybersecurity management for boards: Metrics that matter, The Emotional Architecture of Leadership: Why Energy, Not Strategy, Builds Great Teams, Your Transformation Can't Succeed Without a Talent Strategy, and more!

    Visit https://www.securityweekly.com/bsw for all the latest episodes!

    Show Notes: https://securityweekly.com/bsw-420

    50 m
  • Rogue Negotiators, Gemini Pulled, Apple's AI Shift, Disappearing CAPTCHAs, and More! - SWN #526
    Nov 4 2025

    Rogue Negotiators, Gemini Pulled, Apple's AI Shift, Disappearing CAPTCHAs, and Aaran Leyland on the Security Weekly News.

    Visit https://www.securityweekly.com/swn for all the latest episodes!

    Show Notes: https://securityweekly.com/swn-526

    33 m
  • Researching and Remediating RCEs via GitHub Actions - Bar Kaduri, Roi Nisimi - ASW #355
    Nov 4 2025

    Pull requests are a core part of collaboration, whether in open or closed source. GitHub has documented some of the security consequences of misconfiguring how PRs can trigger actions. But what happens when repo owners don't read the docs? Bar Kaduri and Roi Nisimi walk through their experience in reading docs, finding vulns, demonstrating exploits, and working with repo owners to improve their security. Their work highlights the challenges in maintaining good security guidance, figuring out secure defaults, and how so many orgs still struggle with triaging external security reports -- something that's becoming even more challenging when orgs are being flooded with low-quality reports from LLMs.

    Segment Resources:

    • https://orca.security/resources/blog/pull-request-nightmare-github-actions-rce/
    • https://orca.security/resources/blog/pull-request-nightmare-part-2-exploits/

    Visit https://www.securityweekly.com/asw for all the latest episodes!

    Show Notes: https://securityweekly.com/asw-355

    1 h 8 m
  • Transforming Frontline Workflows with Passwordless Access, AI costs, and the News - Joel Burleson-Davis - ESW #431
    Nov 3 2025

    Segment 1: Interview with Joel Burleson-Davis

    Frontline workers can't afford to be slowed down by manual, repetitive logins, especially in mission-critical industries where both security and productivity are crucial. This segment will explore how inefficient login methods erode productivity, while workarounds like shared credentials increase risk, highlighting why passwordless authentication is emerging as a game-changer for frontline access to shared devices. Joel Burleson-Davis, Chief Technology Officer of Imprivata, will share how organizations can adopt frictionless and secure access management to improve both security and frontline efficiency at scale.

    Segment Resources:

    • Putting Complex Passwords to Work For You

    This segment is sponsored by Imprivata. Visit https://securityweekly.com/imprivata to learn more about them!

    Topic Segment: The Economics of AI Agents

    Vendors are finding, after integrating agents into their processes, that agentic AI can get expensive very quickly. Of course, this isn't surprising when your goal is "review all my third party contracts and fill out questionnaires for me" and the pricing is X DOLLARS for 1M TOKENS blah blah context window, max model thinking model blah blah. No one knows what the conversion is from "review my contracts" to millions of tokens, so everyone is left to just test it out and see what the bill is at the end of the month.

    As we saw with Cloud when adoption started increasing in the early 2010s, we are naturally entering the era of AI cost optimization. In this segment, we'll discuss what that means, how it affects the market, and how it affects the use of AI in cybersecurity.

    Jackie mentions this story from Wired in the segment: https://www.wired.com/story/ai-bubble-will-burst/

    News Segment

    Finally, in the enterprise security news,

    1. we've got funding and acquisitions
    2. 7 red flags you're doing cloud wrong
    3. security standards for open source projects
    4. post mortems of attacks on open source supply chain
    5. some analysis on current and historic AWS outages
    6. a deep dive
    7. some dumpster fires
    8. and how much would you pay for a robot that puts away the dishes?

    All that and more, on this episode of Enterprise Security Weekly.

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-431

    1 h 42 m
  • AI Cheating?, O, Canada, npms, passkeys, Exchange, Solaris, the amazing Rob Allen - Rob Allen - SWN #525
    Oct 31 2025

    AI Cheating?, O, Canada, npms, passkeys, Exchange, Solaris, the amazing Rob Allen of ThreatLocker, and More on this edition of the Security Weekly News.

    Segment Resources:

    Ingram Micro Working Through Ransomware Attack by SafePay Group | MSSP Alert: https://www.msspalert.com/news/ingram-micro-working-through-ransomware-attack-by-safepay-group

    This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

    Visit https://www.securityweekly.com/swn for all the latest episodes!

    Show Notes: https://securityweekly.com/swn-525

    32 m
  • Cybersecurity Is Dead - PSW #898
    Oct 30 2025

    In the security news this week:

    • Cybersecurity is dead, and AI killed it
    • Exploiting the patching system
    • Apple makes it easier for spyware
    • Who is patching Cisco ASA?
    • Shove that DMCA somewhere
    • HTTPS - a requirement
    • Russia wants to own all the exploits
    • Abandonware challenges
    • Reversing at its hardest with Lua
    • Hacking team is back, and leetspeak malware
    • When you forget to authenticate your API
    • Jamming with cool tech
    • GoSpoof
    • and After 35 Years, a Solution to the CIA's Kryptos Puzzle Has Been Found!

    Visit https://www.securityweekly.com/psw for all the latest episodes!

    Show Notes: https://securityweekly.com/psw-898

    2 h 4 m
  • Emergence of the Chief Trust Officer as CISOs Earn Business Respect and Agenda Shifts - Jeff Pollard - BSW #419
    Oct 29 2025

    Organizations that successfully earn and keep the trust of their customers, employees, and partners experience better business outcomes, more engagement, and competitive differentiation. But what does that trust look like and who's responsible for building and maintaining that trust?

    Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to discuss the emergence of the Chief Trust Officer. For organizations that refuse to leave trust to chance, chief trust officers have emerged as the role responsible for shaping their firm's destiny. Jeff will explain why the role has emerged and detail its responsibilities, organizational structures, and measures for success.

    In the leadership and communications segment, Why must CISOs slay a cyber dragon to earn business respect?, Simon Sinek says the most successful people in the world 'hit zero' or came close to it: Failure is 'the gift', The Remote Leadership Paradox: Why Your Team Feels Micromanaged AND Abandoned (And How to Fix It), and more!

    Visit https://www.securityweekly.com/bsw for all the latest episodes!

    Show Notes: https://securityweekly.com/bsw-419

    1 h