Best Iot Vulnerabilities Podcasts (2025)

1
SN 1023: Preventing Windows Sandbox Abuse - Microsoft Says "Don't Delete This Folder"

2h ago

—

Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots o…

1
SN 1022: The Windows Sandbox - Short-life Certs, Ransomware Payout Stats 2:53:22

7d ago2:53:22

2:53:22

Enabling Firefox's Tab Grouping. Recalled Recall Re-Rolls out. The crucial CVE program nearly died. It's been given new life. China confesses to hacking the US (blames our stance on Taiwan). CISA says what Oracle still refuses to. Brute force attacks on the (rapid) rise. An AI/ML Python package rates a 9.8 (again!) The CA/Browser forum passed short…

1
Autonomous ships, cyber security and the workboat code 19:06

12d ago19:06

19:06

In this conversation, Felix and Oli discuss the development of a hydrogen-powered uncrewed surface vessel (USV) and the associated cybersecurity challenges. They explore the importance of integrating cybersecurity measures from the outset, navigating regulatory frameworks like Workboat Code 3, and the ongoing challenges of ensuring compliance and s…

1
SN 1021: Device Bound Session Credentials - Hotpatching in Win 11, Apple vs. UK 3:14:37

15d ago3:14:37

3:14:37

Android to get "Lockdown Mode". What's in the new editions of Chrome and Firefox? Why did Apple silently re-enable automatic updates? My new iPhone 16, Chinese tariffs and electronics. Dynamic "hotpatching" coming to Win11 Enterprise & Edu. Why is it so difficult for Oracle to fess up? Another multi-year breach inside US Treasury. An Apple -vs- the…

1
Identity, AI, and the Unseen Threats in Healthcare Cybersecurity – with vCISO Jason Taule 34:51

14d ago34:51

34:51

Healthcare IoT systems are increasingly targeted by cyber threats, necessitating a shift in strategy from isolated, organization-specific responses to a collaborative, ecosystem-wide approach. James McCarthy sits down with vCISO and 30-year information assurance and cybersecurity veteran Jason Taule. Taule brings important insights into the challen…

1
Cybersecurity Recruiter/Founder talks Entrepreneurship, Startups, and the state of the Job Market. 38:20

20d ago38:20

38:20

Josh Keeley is a Co-Founder of Trident Search, a cybersecurity recruiting agency specializing in early state cybersecurity startups. He talks about his journey as an entrepreneur, cybersecurity startups, and the current state of the job market.By RealTime Cyber

1
SN 1020: Multi-Perspective Issuance Corroboration - IoT Done Right, France Phishes, Gmails E2EE 3:08:26

20d ago3:08:26

3:08:26

Canon printer driver vulnerabilities enable Windows kernel exploitation. Astonishing cyber-security awareness from a household appliance manufacturer. France tries to hook 2.5 million school children with a Phishing test. Wordpress added an abuse prone feature in 2022. Guess what happened? Oracle? Is there something you'd like to tell us? Utah's go…

1
HN59 - Microsoft AI Discovers 20 Zero-Day Vulnerabilities in Bootloaders! 19:22

27d ago19:22

19:22

# Title * HN59 - Microsoft AI Discovers 20 Zero-Day Vulnerabilities in Bootloaders! ## Description 🔍 Microsoft’s AI Uncovers 20 Zero-Day Threats | CoffeeLoader Malware Gets Smarter In this episode of Exploit Brokers, Cipherceval dives into how Microsoft Security Copilot, powered by AI, discovered over 20 previously unknown vulnerabilities in popula…

1
SN 1019: EU OS - Troy Hunt Phished, Ransomware List, InControl 3:05:04

27d ago3:05:04

3:05:04

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be d…

1
SN 1018: The Quantum Threat - ESP32 Backdoor Update, RCS E2EE 2:52:59

1M ago2:52:59

2:52:59

The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security …

1
The Wild West of IoT: Hacking and Securing Devices with Matt Brown 34:30

1M ago34:30

34:30

Matt Brown, Hardware Security Researcher, Bug Bounty Hunter, and Founder of Brown Fine Security, leaves nothing to the imagination in this conversation with host Eric Johansen on the world of embedded devices and cybersecurity. Matt shares his journey from childhood tinkering to professional vulnerability research, offering insights into the comple…

1
SN 1017: Is YOUR System Vulnerable to RowHammer? - Telegram's Crypto, Twitter Outage, FBI Warning 2:53:50

1M ago2:53:50

2:53:50

An analysis of Telegram Messenger's crypto. A beautiful statement of the goal of modern crypto design. Who was behind Twitter's recent outage trouble? An embedded Firefox root certificate expired. Who was surprised? AI-generated Github repos, voice cloning, Patch Tuesday and an Apple 0-day. The FBI warns of another novel attack vector that's seeing…

1
SN 1016: The Bluetooth Backdoor - North Korean Texans, Apple Pushes Back 2:56:45

2M ago2:56:45

2:56:45

Utah passes age verification requirement for app stores. The inside story on fake North Korean employees. Is that a Texas accent? An update on the ongoing Bybit cryptoheist saga. The industry may be making some changes in the wake of the Bybit attack. Apple pushes back legally against the UK's secret order. Did someone crack Passkeys? The UK launch…

1
HN58 - Havoc in the Cloud: The Shocking Click Fix Exploit Revealed 24:22

2M ago24:22

24:22

Welcome to Exploit Brokers with your host Cipherceval! In this deep dive, we uncover a sophisticated cyber assault where hackers exploited Microsoft SharePoint to launch the Havoc C2 via a stealthy click fix attack. Learn how a single click can trigger malicious PowerShell commands, turning everyday corporate tools into gateways for cybercrime. In …

1
SN 1015: Spatial-Domain Wireless Jamming - Firefox Privacy Policy, Signal Leaving Sweden? 2:52:47

2M ago2:52:47

2:52:47

Firefox amends their privacy policy -- the world melts down. Signal threatens to leave Sweden. Aftermath of the massive $1.5 billion Bybit ETH heist. It turns out that it wasn't actually Bybit's fault. "The Lazarus Bounty" monitoring and management site. Mozilla's commitment to Manifest V2 (and the uBlock Origin). What does the ACM's plea for memor…

1
HN57 - Unmasking SpyLoan: The Android Malware Preying on Loan Seekers 20:32

2M ago20:32

20:32

In this episode of Exploit Brokers, we dive into the dark world of cybercrime, exploring two alarming topics: a malicious Android loan app masquerading as a financial tool and Xerox printer vulnerabilities that could be leaking your credentials. Learn how loan sharks have moved from traditional methods to sophisticated digital predation, exploiting…

1
CISO Hot Takes: GRC, AI & Vendor Relations in Healthcare 48:51

2M ago48:51

48:51

Dan Holland, Deputy CISO of Tampa General Hospital, joins us for a deep dive into a wide range of topics—from GRC and AI to vendor risk management and the unique cybersecurity challenges posed by hurricanes in Florida. We also explore his journey from cybersecurity entrepreneur to his current role at Tampa General.…

1
SN 1014: FREEDOM Administration Login - Apple's UK Privacy Showdown, $1.5 Billion Crypto Heist 2:39:37

2M ago2:39:37

2:39:37

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in OpenSSH. The U.S. seems unable to evict Chinese attackers from its Te…

1
The Symbiosis of Tech and Nature: Securing Agriculture with Bill Lucas 42:53

2M ago42:53

42:53

In this episode, host Eric Johansen welcomes Bill Lucas, Senior Director of Cybersecurity at Mastronardi Produce, to explore the evolving security challenges in agricultural IoT. With over sixteen years of experience across the automotive, healthcare, and tech industries, Bill brings a deep understanding of enterprise risk management, endpoint secu…

1
HN56 - Massive Bug Puts Outlook Users at Risk | Kimsuky gets RDPWrapper 27:03

3M ago27:03

27:03

In today’s episode of Exploit Brokers, we dive deep into two major security threats making waves across the digital world. A critical Remote Code Execution (RCE) vulnerability in Microsoft Outlook is putting millions of users at risk, with hackers exploiting it through spear phishing emails and malicious links. Not only that, but we’re also uncover…

1
HN55 - Double Zipping Danger: The 7-Zip Exploit That Could Hack Your PC 27:18

3M ago27:18

27:18

Welcome back to Exploit Brokers! In today’s video, we dive deep into a critical 7‑Zip vulnerability that’s being exploited by Russian cybercriminals to bypass Windows’ security protections. If you’ve used 7‑Zip at all, you need to know how this flaw can let hackers sneak past the Mark-of-the-Web (MOTW) and deploy dangerous malware like Smoke Loader…

1
HN54 - Cybersecurity Experts Reveal LAZARUS GROUP's Hidden Secrets 29:54

3M ago29:54

29:54

Lazarus Group’s Secret Admin Layer EXPOSED – Major Cybersecurity Discovery! 🔥💻 Security researchers have uncovered a hidden admin layer used by North Korea’s Lazarus Group to manage their Command and Control (C2) servers. This sophisticated network of VPNs and proxies allows them to execute cyberattacks worldwide—mainly targeting cryptocurrency dev…

1
IoT Lessons We Learned in 2024 10:11

3M ago10:11

10:11

What did 2024 teach us about securing the IoT and OT landscape? In this special 2024 lookback episode, Alex Nehmy, Asia Pacific CTO at Phosphorus, revisits impactful moments from industry experts and IoT Security Podcast guests, including Jason Taule, Patrick Gillespie, Sean Tufts, Michael Lester, Joel Goins, Khris Woodring, Mike Holcomb, and John …

1
HN53 - AI’s Dirty Little Secret: Employees Leaking Data by Accident 24:46

3M ago24:46

24:46

In this episode, we’re uncovering the darker side of Generative AI and the emerging threats lurking behind everyday tools like ChatGPT and Copilot. Learn how sensitive information—ranging from customer data to employee benefits—can be leaked simply by typing it into a Gen AI prompt. We’ll also expose how cybercriminals are escalating their tactics,…

1
Behind the Scenes of Election Security: CISO of AZ Sec of State 1:04:08

3M ago1:04:08

1:04:08

Michael Moore is the Chief Information Security Officer (CISO) for the Arizona Secretary of State's Office which plays a major role in running elections. We sit down and talk about how elections are run, how votes are cast, authenticated, and counted, how they ensure security and integrity of ballot tabulators, cyber threats to elections, and respo…

1
HN52 - 800K Volkswagen EVs Hacked! Massive Data Breach & Mirai Botnet Attack Explained 21:55

4M ago21:55

21:55

🔒🚗 Volkswagen’s Massive 800K EV Data Breach & Mirai Botnet Threats Explained | Exploit Brokers Welcome back to Exploit Brokers! In today’s episode, we dive deep into two major cybersecurity threats shaking the automotive and industrial sectors: Volkswagen’s 800,000 EV Data Breach Discover how a misconfigured Amazon cloud storage led to the exposure…

1
A PLC Might Say "Oh No": Unlocking Comprehensive Asset Visibility with Enrique Martinez 46:19

4M ago46:19

46:19

In this episode, host and xIoT security evangelist John Vecchi sits down with Enrique Martinez, OT/IoT Practice Lead at World Wide Technology (WWT), to explore the critical challenges and solutions in securing OT and IoT environments. Enrique shares his journey into cybersecurity, highlights the importance of asset visibility, and discusses how AI …

1
HN51 - Chinese Hackers Breach U.S. Treasury AND 3M Fake GitHub Stars Exposed 23:16

4M ago23:16

23:16

In this episode, we dive deep into two explosive cybersecurity stories making headlines right now: a major breach at the U.S. Treasury Department allegedly carried out by Chinese state-sponsored hackers, and the discovery of over 3.1 million fake stars on GitHub used to boost malicious repositories. We’ll explore how third-party vendor BeyondTrust …

1
HN50 - IoT Webcams Hacked & 900k+ Health Records Exposed 25:36

4M ago25:36

25:36

In this eye-opening episode, we uncover the disturbing reality of IoT webcam vulnerabilities and explore how hackers are leveraging outdated firmware and previously discovered but unpatched exploits to infiltrate personal devices. From prying eyes in your own home to the colossal health data breach exposing over 900,000 patient records, the digital…

1
Attacking Santa's Christmas deliveries 19:47

4M ago19:47

19:47

Felix and Alex discuss the attack surface and disruption opportunities for a Cyber attack against Santa's Christmas delivery schedule.By You Gotta Hack That

1
Strategies for Industrial Resilience: Insights from Mark Mattei 41:04

4M ago41:04

41:04

In this episode, Mark Mattei, Global Director of Industrial Managed Security Services at 1898 & Company, unpacks the high-stakes challenges of protecting vital systems from sophisticated attacks. Host John Vecchi highlights the critical issues surrounding IoT and OT security within industrial critical infrastructure. From the importance of cybersec…

1
HN49 - Fortnite Refund Update: Millions Refunded + Lazarus Group’s Crypto Hacks Revealed 23:15

5M ago23:15

23:15

We’re diving into two major stories shaking up the gaming and cybersecurity worlds! First, we discuss the Fortnite Refund Update, where the FTC has forced Epic Games to refund millions due to their use of dark patterns. Find out if you’re eligible for a refund and how to claim it. Then, we shift gears to the Lazarus Group, North Korea’s infamous ha…

1
HN48 - Hydra's Dark Web Empire CRUMBLES 21:26

5M ago21:26

21:26

Uncover the fascinating yet chilling story of Hydra Market, the dark web’s largest illicit empire. Learn how this $1.35 billion platform operated, from smuggling narcotics and laundering money to offering hacking services. We’ll explore how its leader was sentenced to life in prison, the innovative (and illegal) technologies they used, and the glob…

1
Building a Bridge Across the Divide: The Intersection of IT and OT Cybersecurity with Mike Holcomb 51:21

5M ago51:21

51:21

Emphasizing the importance of collaboration and communication, Mike Holcomb shares his extensive experience and practical insights into securing ICS and IoT environments. Holcomb, ICS/OT cybersecurity global lead at Fluor, stresses mastering basic cybersecurity fundamentals and asset inventory, along with the nuances of integrating IT and OT securi…

1
HN47 - Andrew Tate’s Platform Hacked by Activists + Russian Hackers Exploit Zero-Days 18:03

5M ago18:03

18:03

Andrew Tate's platform, formerly known as Hustler’s University, has been hacked, exposing the data of over 800,000 users. Meanwhile, Russian hackers have exploited critical zero-day vulnerabilities in Firefox and Windows, demonstrating the growing sophistication of cyberattacks. In this video, we’ll break down the Andrew Tate hack, the implications…

1
HN46 - Phobos’ $16M Haul & Helldown’s Secret Exploits – 2024’s Ransomware Crisis 27:53

5M ago27:53

27:53

In this episode, we dive deep into the world of ransomware with two of 2024's most talked-about threats: Phobos and Helldown. Learn how the Phobos ransomware operation managed to dominate 11% of the market, generating $16 million in ransom payments, and the shocking details of its admin’s extradition to the U.S. We also explore the rise of Helldown…

1
Critical Infrastructure Security: From Awareness to Action with Khris Woodring 53:47

5M ago53:47

53:47

Recent years have seen a growing awareness of the vulnerabilities in our critical infrastructure to cyberattacks, particularly from nation-states like Russia, Iran, and China. In this episode of the IoT Security Podcast, host John Vecchi welcomes Khris Woodring, Senior Cybersecurity Architect at Syngenta, to explore the evolving challenges and oppo…

1
HN45 - Malware Madness: How Remcos RAT and Human Error Fuel Cyber Threats 33:15

6M ago33:15

33:15

In today's episode, we dive deep into the fascinating yet troubling world of cybersecurity, exploring how even the most advanced antivirus software, firewalls, and endpoint security measures can fall short due to a single factor: human error. Despite the latest tech solutions, hackers continue to exploit one consistent vulnerability—users clicking …

1
HN44 - Malicious Crack Tools & Malvertising Attack: How Hackers Steal Your Data 22:42

6M ago22:42

22:42

In today's episode, we’re diving into the hidden dangers of malicious installers, software cracks, and deceptive ads on Google. We'll explore recent stories, including the SteelFox malware that's hijacking Windows PCs, stealing credit card data, and mining cryptocurrency using vulnerable drivers. Plus, we’ll uncover a new wave of malvertising attac…

1
Guarding the Gateways: Tackling IoT Vulnerabilities in Critical Systems with Joel Goins 44:44

6M ago44:44

44:44

Businesses and government organizations have seen threats to critical US infrastructure on the rise in recent years, particularly within IoT and OT systems, posed by cyberattacks, notably from state actors like Iran. With that context, Joel Goins, a veteran of manufacturing, oil and gas, and OT security at large, talks with John Vecchi about the cr…

Podcasts Worth a Listen

Iot Vulnerabilities Podcasts

Podcasts Worth a Listen