Fortinet’s cybersecurity podcast provides highlights and commentary about securing the largest enterprise, service provider, and government organizations around the world. Join Fortinet’s top experts as they discuss today’s most important cybersecurity topics. The Fortinet Security Fabric platform addresses the most critical security challenges and protect data across the entire digital infrastructure, whether in networked, application, multi-cloud or edge environments. Both a technology com ...
…
continue reading
Interviewing partner experts, I get to ask the questions and get personal insights into the topics we all talk about; game-changing technologies that construct this complex matrix of information that we frequently use as we live, work and play.
…
continue reading
Where security veterans unpack the latest IT security news, vulnerabilities, and research through a historical and technical lens that can cut through even the thickest cigar smoke. Hosted by Paul Asadoorian and Larry Pesce. Co-hosts: Josh Marpet, Jeff Man, Mandy Logan, Tyler Robinson.
…
continue reading

1
UEFI Vulnerabilities Galore - PSW #878
2:10:48
2:10:48
Play later
Play later
Lists
Like
Liked
2:10:48This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor namin…
…
continue reading

1
Updating & Protecting Linux Systems - PSW #877
1:05:23
1:05:23
Play later
Play later
Lists
Like
Liked
1:05:23Two parts to this episode: Tech Segment: Updating Linux Systems - Beyond apt-get upgrade * Custom scripts for ensuring your Linux systems are up-to-date * topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions Discussion Topic: Anti-Malware and/or EDR on Linux Platforms * PCI calls for scanning Linux systems *…
…
continue reading
In the security news: Vicious Trap - The malware hiding in your router Hacking your car WSL is open-source, but why? Using AI to find vulnerabilities - a case study Why you should not build your own password manager The inside scoop behind Lumma Infostealer Hacking a smart grill Hardcoded credentials on end of life routers and "Alphanetworks" SIM s…
…
continue reading

1
Malware Laced Printer Drivers - PSW #875
2:01:59
2:01:59
Play later
Play later
Lists
Like
Liked
2:01:59This week in the security news: Malware-laced printer drivers Unicode steganography Rhode Island may sue Deloitte for breach. They may even win. Japan's active cyber defense law Stop with the ping LLMs replace Stack Overflow - ya don't say? Aggravated identity theft is aggravating Ivanti DSM and why you shouldn't use it EDR is still playing cat and…
…
continue reading
This week in the security news: Android catches up to iOS with its own lockdown mode Just in case, there is a new CVE foundation Branch privilege injection attacks My screen is vulnerable The return of embedded devices to take over the world - 15 years later Attackers are going after MagicINFO Hacking Starlink Mitel SIP phones can be hacked Reversi…
…
continue reading

1
Fortinet ON AIR #5 - Navigating AI, Misinformation & Cyber Resilience with Orange Cyberdefense
21:56
21:56
Play later
Play later
Lists
Like
Liked
21:56Fortinet ON AIR is a video podcast series recorded live at Mobile World Congress 2025 in Barcelona, featuring expert voices from across the telecommunications ecosystem.In each episode, we dive into the evolving cybersecurity landscape—exploring how telcos and service providers can stay secure, resilient, and competitive in a fast-changing digital …
…
continue reading

1
Fortinet ON AIR #4 - Key Insights from WEF's Global Cybersecurity Outlook with Accenture
17:33
17:33
Play later
Play later
Lists
Like
Liked
17:33Fortinet ON AIR is a video podcast series recorded live at Mobile World Congress 2025 in Barcelona, featuring expert voices from across the telecommunications ecosystem.In each episode, we dive into the evolving cybersecurity landscape—exploring how telcos and service providers can stay secure, resilient, and competitive in a fast-changing digital …
…
continue reading

1
Fortinet ON AIR #3 - GenAI Isn’t Just a Tool—It’s a New Attack Surface
16:43
16:43
Play later
Play later
Lists
Like
Liked
16:43Fortinet ON AIR is a video podcast series recorded live at Mobile World Congress 2025 in Barcelona, featuring expert voices from across the telecommunications ecosystem.In each episode, we dive into the evolving cybersecurity landscape—exploring how telcos and service providers can stay secure, resilient, and competitive in a fast-changing digital …
…
continue reading

1
Fortinet ON AIR #2 - How NEC Approaches Strategic Cybersecurity Blueprints for Telcos
13:11
13:11
Play later
Play later
Lists
Like
Liked
13:11Fortinet ON AIR is a video podcast series recorded live at Mobile World Congress 2025 in Barcelona, featuring expert voices from across the telecommunications ecosystem.In each episode, we dive into the evolving cybersecurity landscape—exploring how telcos and service providers can stay secure, resilient, and competitive in a fast-changing digital …
…
continue reading

1
Fortinet ON AIR #1 - Building Simplicity, Security, and Scale into the Future of Networking
13:04
13:04
Play later
Play later
Lists
Like
Liked
13:04Fortinet ON AIR is a video podcast series recorded live at Mobile World Congress 2025 in Barcelona, featuring expert voices from across the telecommunications ecosystem.In each episode, we dive into the evolving cybersecurity landscape—exploring how telcos and service providers can stay secure, resilient, and competitive in a fast-changing digital …
…
continue reading
Fortinet ON AIR is a video podcast series recorded live at Mobile World Congress 2025 in Barcelona, featuring expert voices from across the telecommunications ecosystem.Hear from leaders at Accenture, NEC, Orange Cyberdefense, Cirion Technologies, and Google Cloud as they tackle the biggest challenges facing telcos—from AI-powered attacks and SecOp…
…
continue reading
Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun Some magic info on MagicINFO Vulnerability Management Zombies There is a backdoor in your e-commerce Airborne: vulnerabilities in AirPlay Bring your own installer - crafty EDR bypass The Signal clone used by US government officials: shocker…
…
continue reading

1
AI Tips, Tricks, and Traps! - PSW #872
1:37:21
1:37:21
Play later
Play later
Lists
Like
Liked
1:37:21The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: AI has rapidly shifted from novelty to an essential tool in security and other fields. Paid AI versions offer …
…
continue reading

1
Hacking Crosswalks and Attacking Boilers - PSW #871
2:04:15
2:04:15
Play later
Play later
Lists
Like
Liked
2:04:15The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin…
…
continue reading

1
Govt Unravelling, AI Hijinx, Bot Chaos, Recall, Oracle, Slopesquatting, Tycoon 2FA... - PSW #870
2:06:35
2:06:35
Play later
Play later
Lists
Like
Liked
2:06:35Govt Unravelling, AI Hijinx, Bot Chaos, Recall, Oracle, Slopesquatting, Tycoon 2FA, College, who knows, a lot more... On Paul's Security Weekly. Show Notes: https://securityweekly.com/psw-870
…
continue reading
In the security news this week: You should really just patch things, the NVD backlog, Android phones with malware pre-installed, so convenient, keyloggers and a creepy pharmacist, snooping on federal workers, someone stole your browser history, NSA director fired, deputy director of NSA also fired, CrushFTP the saga continues, only steal the valid …
…
continue reading

1
Not-So-Secure Boot - Rob Allen - PSW #868
2:12:35
2:12:35
Play later
Play later
Lists
Like
Liked
2:12:35Rob Allen, Chief Product Officer at Threatlocker joins us for an interview segment on using AI in security products: What works and what's not fully baked! Then in the security news, There are more holes in your boot...loader according to Microsoft, related: Secure Boot is in danger and no one is really talking about it (still), Dear Microsoft: I d…
…
continue reading

1
SignalGate and How Not To Protect Secrets - PSW #867
2:07:11
2:07:11
Play later
Play later
Lists
Like
Liked
2:07:11How do we handle scope creep for vulnerabilities?, find the bugs before it hits the real world, risk or hype vulnerabilities, RTL-SDR in a browser, using AI to hack AI and protect AI, 73 vulnerabilities of which 0 patches have been issued, Spinning Cats, bypassing WDAC with Teams and JavaScript, Rust will solve all the security problems, did you he…
…
continue reading
This week: Compliance, localization, blah blah, the Greatest Cybersecurity Myth Ever Told, trolling Microsoft with a video, Github actions give birth to a supply chain attack, prioritizing security research, I'm tired of 0-Days that are not 0-Days, sticking your head in the sand and believing everything is fine, I'm excited about AI crawlers, but s…
…
continue reading

1
AI Is Oversharing and Leaking Data - Sounil Yu - PSW #865
2:07:50
2:07:50
Play later
Play later
Lists
Like
Liked
2:07:50Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user’s need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the orga…
…
continue reading
Hacking your mattress, Taylor Swift all the time, DNS sinkholes, throwing parties at rental properties, detect jamming, it took 18 years to hack, airtag hacks, undetectable weapons, RIP Skype, Cellebrite targets, upgrade ALL the things, Kali, Raspberry PIs, and M.2 hats, pirating music through a supply chain attack, Cisco small business and why you…
…
continue reading

1
Zero Days Are Not Just Fiction - PSW #863
1:49:19
1:49:19
Play later
Play later
Lists
Like
Liked
1:49:19Apple, the UK, and data protection, you can get pwned really fast, Australia says no Kaspersky for you!, the default password is on the Internet, topological qubits, dangerous AI tools, old software is not just old but vulnerable too, tearing down Sonic Walls, CWE is good but could be great, updating your pi-hole, should you watch "Zero Day"? my no…
…
continue reading
Our thoughts on Zero Trust World, and just a little bit of news. Of course we covered some firmware and UEFI without Paul! Show Notes: https://securityweekly.com/psw-862
…
continue reading

1
Prompt Injection, CISA, Patch Tuesday - PSW #861
2:05:09
2:05:09
Play later
Play later
Lists
Like
Liked
2:05:09You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, patche Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, s…
…
continue reading

1
Deepseek, AMD, and Forgotten Buckets - PSW #860
2:06:54
2:06:54
Play later
Play later
Lists
Like
Liked
2:06:54Deepseek troubles, AI models explained, AMD CPU microcode signature validation, what happens when you leave an AWS S3 bucket laying around, 3D printing tips, and the malware that never was on Ethernet to USB adapters. Show Notes: https://securityweekly.com/psw-860
…
continue reading

1
Cred Vaults, Cheap AI, and Hacking Devices - PSW #859
2:05:52
2:05:52
Play later
Play later
Lists
Like
Liked
2:05:52This week, we talked to our friends at Bitwarden about password vaults, storing more than just passwords, free software to manage those SSH keys, and vaults for developers. In the news, new/old Palo Alto vulnerabilities explained, taking down the power grid with a FlipperZero, more vulnerable bootloaders, putting garbage in your .ASS file, the US G…
…
continue reading

1
Vulnerability Prioritization In The Real World - PSW #858
2:19:16
2:19:16
Play later
Play later
Lists
Like
Liked
2:19:16Andy Jaquith joins us to discuss how to prioritize vulnerabilities and remmediation in the real-world, including asset management and more! In the security news: ESP32s in the wild and security, Google oAuth flaw, DDoS targets, Ban on auto components, Bambu firmware updates, Silk Road founder is free, one last cybersecurity executive order, US Trea…
…
continue reading
Rob from ThreatLocker comes on the show to talk about how we can disrupt attacker techniques, including Zero Trust, privilege escalation, LOLbins, and evil virtualization. In the news we talk about security appliances and vulnerabilities, rsync vulnerabilities, Shmoocon, hacking devices, and more! This segment is sponsored by ThreatLocker. Visit ht…
…
continue reading

1
Threat Actors With A Thousand Names - PSW #856
2:07:18
2:07:18
Play later
Play later
Lists
Like
Liked
2:07:18DNA sequencer vulnerabilities, threat actor naming conventions, new CNAs and problems, backdoors are not secrets (again), The RP2350 is hacked!, they know where your car is, treasury department hacked, what if someone hacked license plate cameras? Tenable CEO passes away, and very awkwardly, a Nessus plugin update causes problems, who needs fact-ch…
…
continue reading

1
Hacker Heroes - Haroon Meer - PSW Vault
1:16:41
1:16:41
Play later
Play later
Lists
Like
Liked
1:16:41Unraveling Cybersecurity Complexity: A Conversation with Haroon Meer Haroon Meer, an influential figure in the world of cybersecurity, takes center stage in this podcast interview. With a deep reservoir of knowledge and a track record of tackling complex security challenges, Haroon has established himself as a key player in the InfoSec domain. As t…
…
continue reading
XSS is the number one threat?, fix your bugs faster, hacking VoIP systems, AI and how it may help fuzzing, hacker gift guides, new DMA attacks, hacking InTune, Rhode Island gets hacked, OpenWrt supply chain issues, we are being spied on, Germans take down botnet, Bill and Larry are speaking at Shmoocon!, and TP-Link bans. Show Notes: https://securi…
…
continue reading

1
When Public Payphones Become Smart Phones - Inbar Raz - PSW #855
57:19
57:19
Play later
Play later
Lists
Like
Liked
57:19If you've ever wondered how attackers could go after payphones that are "smart" we got you covered! Inbar has done some amazing research and is here to tell us all about it! Segment Resources: https://www.retro.unarmedsecurity.net/post/%D7%9E%D7%A1%D7%AA%D7%91%D7%A8-%D7%A9%D7%92%D7%9D-%D7%98%D7%9C%D7%A4%D7%95%D7%9F-%D7%A6%D7%99%D7%91%D7%95%D7%A8%D7…
…
continue reading
In the security news, the crew, (minus Paul) get to gather to discus hacks causing disruptions, in healthcare, donuts and vodka, router and OpenWRT hacks (and the two are not related), Salt/Volt Typhoon means no more texting and 10 year old vulnerabilities and more! Show Notes: https://securityweekly.com/psw-854…
…
continue reading

1
Navigating Regulations in Supply Chain Security - Eric Greenwald - PSW #854
1:04:00
1:04:00
Play later
Play later
Lists
Like
Liked
1:04:00Join us for this segment as we discuss government regulations and certifications as they apply to supply chain security and vulnerability management, and how understanding the mumbo jumbo can enable organizations to improve their cyber security. Show Notes: https://securityweekly.com/psw-854
…
continue reading

1
Brass Tacks #10: Understanding Cybersecurity Regulations: Why You Shouldn't Fear Regulators
20:08
20:08
Play later
Play later
Lists
Like
Liked
20:08Some CISOs might see industry regulators as an obstacle to their objectives, but not Jorges Fernandez, CISO & DPO for the Portuguese Securities & Exchange Commission, CMVM, and active participant on multiple regulatory bodies.In this episode of Brass Tacks - Talking Cybersecurity, Jorge shares his unique experience and perspective as both regulator…
…
continue reading
Bootkitties and Linux bootkits, Canada realizes banning Flippers is silly, null bytes matter, CVE samples, how dark web marketplaces do security, Perl code from 2014 and vulnerabilities in needrestart, malware in gaming engines, the nearby neighbor attack, this week in security appliances featuring Sonicwall and Fortinet, footguns, and get it off t…
…
continue reading
The hosts discuss hacker gadgets! We'll cover what we've been hacking on lately and discuss gadgets we want to work on in the future and other gadgets we want to get our hands on. Paul has been working with some M5Stack devices, a guide can be found here: https://securitypodcaster.com/m5stack-hacking-guide/ We will cover the Clockwork PI "uConsole"…
…
continue reading

1
Hacker Heroes - Aaron Turner - PSW Vault
1:31:24
1:31:24
Play later
Play later
Lists
Like
Liked
1:31:24In this Hacker Heroes episode, we sit down with Aaron Turner, a highly respected figure in the realm of cybersecurity. With a career spanning decades, Aaron has established himself as a thought leader and authority on various aspects of information security. As a seasoned cybersecurity professional, Aaron has navigated the evolving landscape of dig…
…
continue reading

1
Fortinet, Palo Alto, VMWare - PSW #852
1:58:33
1:58:33
Play later
Play later
Lists
Like
Liked
1:58:33Fast cars kill people, Apple 0-Days, memory safety, poisoning the well, babble babble and malware that tries really hard to be stealthy, Palto Alto and Fortinet have some serious new vulnerabilities, open-source isn't free, but neither is commercial software, get on the TPM bus, find URLs with stealth, stealing credentials with more Palto Alto and …
…
continue reading

1
Confessions of a Cyber Criminal Stalker - Ken Westin - PSW #852
58:05
58:05
Play later
Play later
Lists
Like
Liked
58:05Black Hats & White Collars: We know criminal hacking is big business because we've spied on them! Ken comes on the show to talk about chasing and stalking criminals, even if it means sacrificing some of your own personal safety. Show Notes: https://securityweekly.com/psw-852
…
continue reading
We kicked things off by talking about the Holiday Hack Challenge, which is like this massive cyber playground that Sans puts out every year for everyone from fifth graders to government spooks. Ed Skoudis broke down how they're changing things this time, with an early release and a phased approach that'll give you more time to play and learn. But t…
…
continue reading
Alright, so we dove deep into some pretty wild stuff this week. We started off talking about zip files inside zip files. This is a variation of old-school zip file tricks, and the latest method described here is still causing headaches for antivirus software. Then we geeked out about infrared signals and the Flipper Zero, which brought back memorie…
…
continue reading

1
Brass Tacks #9: The Anatomy of Effective Cybersecurity Posture: AI, LLMs, and Beyond
21:06
21:06
Play later
Play later
Lists
Like
Liked
21:06In the latest episode of Brass Tacks - Talking Cybersecurity, #Fortinet's Filippo Cassini delves into the anatomy of effective cybersecurity posture and discuss how increasing network and security complexity is driving a shift from the selection of security components on a best-of-breed basis to an integrated platform approach.Today's SecOps teams …
…
continue reading

1
We're Not Saying "I told you so" - PSW #850
2:01:51
2:01:51
Play later
Play later
Lists
Like
Liked
2:01:51In the news: Pacific Rim, Linux on Windows for attackers, one of the worst cases of a former employee's retaliation, Zery-Day FOMO, we predicted that, hacking for fun, working hard for no PoC, an LLM that discovers software vulnerabilities, absurd fines, long usernames and Okta, and paying a ransom with dough! Show Notes: https://securityweekly.com…
…
continue reading

1
Cybersecurity For Schools - Kayne McGladrey - PSW #850
45:59
45:59
Play later
Play later
Lists
Like
Liked
45:59We chatted with Kayne about education systems security, funding for cyber tools and services, and what the future of education might look like to fill more cyber roles. Show Notes: https://securityweekly.com/psw-850
…
continue reading

1
EDR Is Dead, EDR Is Not Dead - PSW #849
1:50:52
1:50:52
Play later
Play later
Lists
Like
Liked
1:50:52Google's cookie encryption drama, Microsoft accusing Google of shady antitrust tactics, AI shenanigans, the rejected Defcon talk and hacking traffic lights, vulnerabilities in Realtek SD card readers, the never-ending debate on quantum computing vs. cryptography, backdoors are not secrets and where we are pushing attackers, firmware leakage, more o…
…
continue reading

1
Shadow IT and Security Debt - Dave Lewis - PSW #849
59:44
59:44
Play later
Play later
Lists
Like
Liked
59:44We had the pleasure of finally having Dave Lewis on the show to discuss shadow IT and security debt. Dave shared some fascinating insights from his long career in cybersecurity, emphasizing the importance of addressing fundamental security issues and the human aspect of security. We delved into the challenges of managing shadow IT, the complexities…
…
continue reading

1
Brass Tacks #8 - Board Communication Essentials for CISOs: Meeting Exec Expectations
21:54
21:54
Play later
Play later
Lists
Like
Liked
21:54The buck stops here—or does it? How much should former US President, Harry S Truman's famous slogan apply to the role of CISO?In this episode of Brass Tacks - Talking Cybersecurity, host Joe Robertson is joined by Raffaele Maresca, Global CISO at AkzoNobel, for an illuminating discussion of the evolving role of the CISO. Rather than pinning ultimat…
…
continue reading

1
Not The Vulnerabilities You're Looking For - PSW #848
2:06:29
2:06:29
Play later
Play later
Lists
Like
Liked
2:06:29This week: The USB Army Knife that won't break the budget, I don't want to say EDR is useless (but there I said it), Paul's list of excellent hacking tips, FortiJump - an RCE that took a while to become public, do malware care if it's on a hypervisor?, MicroPython for fun and not for hacking?, an unspecified vulnerability, can you exploit speculati…
…
continue reading

1
Secure By Default - How do we get there? - Andy Syrewicze - PSW #848
1:00:12
1:00:12
Play later
Play later
Lists
Like
Liked
1:00:12Andy drops some Microsoft Windows and 365 knowledge as we discuss the details on how we get to secure by default in our Windows and cloud environments. Show Notes: https://securityweekly.com/psw-848
…
continue reading