We navigate through dangerous cyber terrain, examining real-world examples like the WebP library and the Curl vulnerability. Critical issues in Zyxel firewalls will also be unmasked as we shed light on the urgency of improving vulnerability reporting and cataloging and addressing the often-overlooked problem of overclassifying harmless software bug...

Bri has spent her career investigating and defending against critical infrastructure attacks. Hear her take on the current threat landscape, supply chain security, and more! This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!

The guidelines from the U.S. and UK's cybersecurity agencies are endorsed by 18 countries and emphasize “secure-by-design” principles.

The DPRK's Lazarus threat group allegedly breached over 100 devices in several countries, including the U.S., Canada, Japan and Taiwan, according to Microsoft.

We regularly cover significant breaches on this podcast, but it is rare that we have enough information about a major breach to cover in enough detail to devote an entire segment to. Today, we dive into lessons learned from the breach of Okta's customer support system that targeted some other major security vendors. This is part of a troubling tr...

Dr. Yuriy Bulygin is the CEO and founder of Eclypsium, the digital supply chain security company. Prior to Eclypsium, Yuriy was Chief Threat Researcher at Intel Corporation. He is also the creator of CHIPSEC, the popular open-source firmware and hardware supply chain security assessment framework When enterprises started using CHIPSEC to find vulne...

Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today.

Do people still use mainframes? IoT and firmware security, Apple Find my, Bluetooth is the gift that keeps on giving, to hackers that is, and more!