Paul Asadoorian

Paul's Security Weekly (Video)

Where security veterans unpack the latest IT security news, vulnerabilities, and research through a historical and technical lens that can cut through even the thickest cigar smoke. Hosted by Paul Asadoorian and Larry Pesce. Co-hosts: Josh Marpet, Jeff Man, Mandy Logan, Tyler Robinson.

Forfatter

Paul Asadoorian

Kategori

Technology

Podcastens hjemmeside

securityweekly.com

Seneste episode

9. jul. 2026

Hvor kan du lytte?

Podcasts i appen Replaio Radio Kommer snart

Podcasts kommer snart til appen. Installer nu, og vær den første til at se en helt ny tilgang til podcasts

Hent den på Google Play Installer gratis Android 5 mio.+ downloads · 4,8 i bedømmelse iOS snart

Episoder

AI Is Annoying & IoT Devices Still Get Hacked - PSW #934 09.07.2026

In the security news: Son of Anton strikes again! HalluSquatting and using Claude to defend itself CISA KEV's Revolving Door LLM's hallucinate and companies get sued Additionally - GitLost Yet even more Linux vulnerabilities Citrix just keeps bleeding Old hardware is new again A sneak peak into next week's tech segment Tenda hidden backdoors We're still talking about Mirai Today was not a good day...

Linux Tech Segment & Vulnerabilities Galore - PSW #933 02.07.2026

This week we have a technical segment based on the response to "Atomic Arch", an updated open-source tool to help you catch malicious packages. In the security news: Exploitarium A hot messy summer of vulnerabilities AI Squatting Linux LPE - no shortage of those Fingerprinting Favicons Windows 10 extended Can Clothes Make You Invisible to Facial Recognition? Fable and Mythos for All Do we care abo...

Cloud Visibility, Fortibleed, hacking things the easy way - Sandy Bird - PSW #932 25.06.2026

First up is Sandy Bird from Sonrai discussing how to protect our cloud infrastructure! This segment is sponsored by Sonrai Security. Visit https://securityweekly.com/sonrai to learn more about them! Next up in the security news: Help, I am Fortibleeding Cisco SD-WAN needs help The secret life of probe requests Help, I am Squidbleeding XSS to RCE and why CVSS isn't the full picture TVs spy on you F...

GPS, PCI, ARCH, OH MY! - PSW #931 18.06.2026

In the security news this week: GPS spoofing and satellite jamming are getting way too accessible Rekeying satellites in orbit sounds terrifying Cyber extortion and whether criminals still have ethics AI helping cybersecurity research... and drug discovery Data centers eating regional power grids Nuclear, solar, natural gas, and the future of AI infrastructure What happens when GPS stops being tru...

Trolling Microsoft With Vulnerabilities - PSW #930 11.06.2026

In the security news: Trolling Microsoft With Vulnerabilities Fable 5 loves guardrails Binwalk vulnerability EMBA and local models EDRChoker AI worms Interesting Arista vulnerability added to KEV BOD 26-04 and stakeholder specific vulnerability categorization Bring your own execution environment Homelab tips MikroTik routers as interceptors Ivanti Sentry and irony Smart TV botnets Privacy laws Sol...

Security Researchers Are Threat Actors - PSW #929 04.06.2026

This week in the security news: Security Researchers Are Threat Actors according to Microsoft Hands-free malicious firmware If you've ever typed "ls" in Windows, this is for you Cisco makes more patches, wants you to pay Ambiguous Secure Boot bypass Threat actors love network edge devices, and I have the chat logs and leaks to prove it The downside of chip sanctions Your VoIP phone is hacked Vulne...

Linux Supply Chain How-To - PSW #928 28.05.2026

This week we have a technical segment focused on Linux! Paul released a script that helps you get a handle on Linux supply chain security, and new features allow you to assess the state of Secure Boot on your Linux systems (that also use MS certificates, ironically). The script is in his Git repo: https://github.com/pasadoorian/Linux_Hacks . In the security news: The CVE chase The new security bas...

FCC, Github, MiniShai-hulud, Stated of Supply Chain, Itron, CRA, NIS2, and more!! - PSW #927 21.05.2026

In the security news this week: FCC router bans and the hidden firmware update problem Why extending support timelines actually improves security Github supply chain concerns and the evolving SBOM ecosystem CRA and NIS2 compliance deadlines are getting very real The EU Cyber Resilience Act's 24-hour vulnerability disclosure requirement Security regulation: vertical vs horizontal compliance models...

You're not going to patch your way out of this - PSW #926 14.05.2026

This week: New Yellowkey bitlocker bypass and what it means for you Hackers can run you over with a robot lawnmower FCC says new things about routers, again Glitching with AI almost no false positives AI thought it was evil DirtyFrag and the sad state of Linux LPEs You can buy better tools, perfect security, and other lies The Canvas breach Hackers can still take over trains Baby monitors, on the...

Getting Rid of Your VPN - Rob Allen - PSW #925 07.05.2026

Rob Allen from Threatlocker joins us to discuss the risks associated with VPN appliances and how to implement better security solutions that don't leave you hanging out on the open Internet. The interview segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! In the Security News: Less details about the FCC router ban Canary traps that wor...

FIRESTARTER - PSW #924 30.04.2026

This week in the security news: Are you a FIRESTARTER? Eavesdropping via fiber-optic cables Copy Fail - more Linux LPE Github RCE Running Linux on a PS5 BadUSB tricks SilentGlass and HDMI threats Sonicwall and vague details Universities are for porn? The Banshee Before CVEs comes scanning Vendor addresses AirSnitch GitHub and not serious work Routers have country-specific backdoors Phones with Hot...

Back to (or Start) Fundamentals? - Rajesh Khazanchi - PSW #923 23.04.2026

This week: Larry's in the host seat and chaos ensues. We dig into: A very questionable story about tracking a warship with a $5 Bluetooth tracker Serial-to-IP devices quietly sitting in critical infrastructure… and full of holes New York regulators mandating MFA and asset inventory—aka CIS Control #1 is now breaking news A ransomware negotiator who decided to double-dip (and landed in prison) "Bra...

The AI "Vulnpocolypse" Is Real? - PSW #922 16.04.2026

This week: CSA issues guidance to CISOs on Mythos Vuln management woes Windows tells you about Secure Boot AI-assisted firmware vuln hunting The dumbest hack Edge decay and the failing perimeter Mac OS X on a Wii Little snitch comes to Linux CPUID served malware Buying plugins to backdoor them Addicted to hacking Is Mythos just a sales pitch? We are still talking about Adobe Acrobat vulns A single...

AI Makes All Bug Shallow? - PSW #921 09.04.2026

This week: Rage dropping 0-Day Claude Mythos, things are different now From UART to root, on a device made in China, where's the FCC? More CUPS vulnerabilities Russians are hacking routers, FCC ban doesn't stop them Mongoose vulnerabilities, and FCC still does nothing Renting virtual phones Iran's cyber attacks SHA-256 almost broken? Catching Axios New Rowhammer, dubbed GPUBreach, gives you root W...

What Is A Router? (And all things AI) - PSW #920 02.04.2026

In the Security News: Claude leaks source code and new models Two really smart people say AI is finding vulnerabilities better than ever Windows is using your internet to send updates to strangers BIG-IP APM vulnerability - all you need to know Linux KVM for the win The bus factor and open source Axios supply chain breach Trimming Grub Depotting and hacking e-Motorcycles Trivy and Cisco source cod...

Scanning The Internet with Linux Tools - PSW #919 26.03.2026

In this segment, we will explore some pretty awesome tools for scanning the Internet, with a focus on network edge devices. We'll bring it all together with Claude Code and look at some sample results. Tools include: Shodan | Passive recon — query existing scan data for exposed devices, services, and vulns | Passive (API) | Instant (no packets sent) ZMap | Host discovery — find live hosts with ope...

Hacking IP KVMs & Reversing with Radare2 - Sergi Àlvarez - PSW #918 19.03.2026

In this episode, we sit down with the Radare community leader, Pancake, the creator of the Radare2 reverse engineering framework. Whether you've never heard of Radare, already use it daily, or are thinking about contributing to its development, this conversation will demystify what makes Radare unique, why thousands of engineers rely on it, and how you can step into the community. This segment is...

Vulnerability Mis-Management - PSW #917 12.03.2026

In the security news this week: The XZ backdoor documentary Zero days - the clock isn't ticking Vulnerability Mis-Management Reversing traffic light controllers Reversing with Claude Don't curl to bash! Reading CVEs makes my head hurt Dumping browser secrets I open-sourced a new(ish) tool D-LINK exploits There is no password I control the building When old vulnerabilities become new Tile is for st...

Airsnitch, Claude, Hacking Firewalls - PSW #916 05.03.2026

In the security news this week: Remembering "FX" Finding and analyzing Windows drivers Network monitoring with Gibson the backdoor in your PAM The edge is fraying - and attackers have the advantage Age verification for Linux? Banning AI TPMS tracking BLE tracking weird strings Airsnitch RESURGE in and on Ivanti Attackers using Claude Government iPhone hacking kits Cisco SD-WAN, Linux, and 2023 Lea...

AI Is Taking Over Cybersecurity - PSW #915 26.02.2026

First up is a technical segment called "Paul's Linux Hacks". I finally got around to releasing a bunch of scripts and tutorials for Linux that I've created over the years. We'll go over scripts that can give you a supply chain security report and help you update your Arch-based Linux systems and the tutorial for using Linux KVM/Qemu/Libvirt. Repo is here: https://github.com/pasadoorian/Linux_Hacks...

Firmware Backdoors Be Spying On You - PSW #914 19.02.2026

AI says that this is the show where we turn coffee into threat intelligence and cigar smoke into packet captures. This week: a firmware backdoor living its best life inside Android tablets a fresh BeyondTrust RCE that already has scanners circling like seagulls over a french fry. Lenovo Vantage reminds us that "preinstalled convenience" is just another way to spell "attack surface." Texas is takin...

AI Vulnerability Hunting - PSW #913 12.02.2026

In the security news: Viral AI prompts Things to do in your home security lab I can open your garage door They call me DKnife Beyondtrust RCE Cool AI device Robots need your body Meta is just full of scams, phishing, and malware Claude Opus 4.6 found more than 500 high-severity vulnerabilities Arista next gen firewalls and command injection Secure Boot updates The RCE AMD won't fix and why the art...

AI: No One Is Safe - PSW #912 05.02.2026

In the security news this week: Residential proxy abuse is everywhere this week: from Google's takedown of IPIDEA to massive Citrix NetScaler scanning and the Badbox 2.0 botnet Supply chain fun time: Notepad++ updates were hijacked Attackers set their sights on: Ivanti EPMM, Dell Unity storage, Fortinet VPNs/firewalls, and ASUSTOR NAS devices Russian state hackers went after Poland's grid Is ICE o...

To curmudgeon or not to curmudgeon, that is the question. - PSW #911 29.01.2026

This week, we get un-curmudgeoned by Mandy, spending a bunch of time talking about regulations, compliance, and even the US federal government's commitment to cybersecurity internally and with the community at large. We even dive into some Microsoft patches, hacking defunct eScooters, and a lively discussion on ADS-B spoofing! Show Notes: https://securityweekly.com/psw-911

We Left It Vulnerable On Purpose - Rob Allen - PSW #910 22.01.2026

In the security news: Rainbow tables for everyone Lilygo releases a new T-Display that looks awesome AI generated malware for real Detecting BadUSB when its not a dongle A telnetd vulnerability Google Fast Pair and how I took control of your headset Should we make CVE noise? Exploiting the Fortinet patch DIY data diode Bambu NFC reader for your Flipper Payloads in PNG files Don't leave the lab doo...

Lyt til podcasten Paul's Security Weekly (Video) i Replaio

Radio og podcasts i én app - gratis og uden tilmelding. Installer i dag, og gå ikke glip af lanceringen

Hent den på Google Play

Replaio er ikke podcastudgiver; programmernes navne, coverbilleder og lyd tilhører deres ophavsmænd og distribueres via offentlige RSS-feeds.