Tractorload of John Deere Vulns, T-Mobile Breach, Kalay IoT Hack, & HolesWarm – PSW #707

In the Security News for this week: Buffer overflows galore, how not to do Kerberos, no patches, no problem, all your IoTs belong to Kalay, the old pen test vs. vulnerability scan, application security and why you shouldn’t do it on a shoe string budget, vulnerability disclosure miscommunication, tractor loads of vulnerabilities, The HolesWarm…….malware, T-Mobile breach, and All you need is….Love? No, next-generation identity and access management with zero-trust architecture is what you need!!! Visit for all the latest episodes!

Full Episode Show Notes

Tractorload of John Deere Vulns, T-Mobile Breach, Kalay IoT Hack, & HolesWarm


Doug White

Doug White - Professor at Roger Williams University


Doug White is a Cybersecurity professor at Roger Williams University, the President of Secure Technology, and a Security Weekly network host.

Jeff Man

Jeff Man - #HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems


Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Paul Asadoorian

Paul Asadoorian - Founder at Security Weekly


Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.


  • InfoSec World 2021 is proud to announce its keynote lineup for this year’s in-person event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on world pass and main conference registration! Visit to register now!

  • Join us August 26th at 11am eastern to learn how to implement cloud security that actually works. Visit to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at

prestitial ad