Best Iot Vulnerabilities Podcasts (2025)

1
Rui Ataide on Navigating Ransomware Negotiations 28:39

Play Pause

3d ago28:39

28:39

Rui Ataide, Managing Security Consultant at GuidePoint Security, joins the Nexus Podcast to discuss his experiences negotiating with ransomware gangs on behalf of victimized organizations. Ataide covers the nuances, processes, and methodology of negotiating with groups. He also explains how extortion and data theft has changed the risk management c…

1
Salvatore Gariuolo on Safe EV Charging 25:23

11d ago25:23

25:23

Salvatore Gariuolo, a senior threat researcher at Trend Micro, joins the Nexus Podcast to discuss safe EV charging and in particular, the ISO 15118 standard meant to create a trusted environment for electric vehicle charging. Gariuolo contends that while ISO 15118 offers substantial improvements that reduce pressure on the grid, and also introduces…

1
236 - The Hidden Danger in Your Cloud-Why Misconfiguration Is the Real Vulnerability 30:31

19d ago30:31

30:31

Enjoying the content? Let us know your feedback! Today we’re tackling a critical subject that causes countless data breaches yet often gets misunderstood: misconfiguration — what it is, why it’s different from a software vulnerability, and why it remains one of the biggest security risks organizations face. One quick reminder before we dive into th…

1
Noam Moshe on Hacking Video Surveillance 27:50

21d ago27:50

27:50

Noam Moshe, Research Director for Claroty Team82, joins the Nexus Podcast live at the Black Hat Briefings in Las Vegas to discuss research that was presented here on the security of a popular video surveillance platform manufactured by Axis Communications. Moshe describes how Team82 examined the proprietary protocol supporting Axis servers and clie…

1
235 - The Microsoft SharePoint vulnerability 27:51

26d ago27:51

27:51

Enjoying the content? Let us know your feedback! Today, we focus on a critical and rapidly evolving Microsoft SharePoint vulnerability that’s rocked the security world in July 2025. We’ll walk you through what it is, why it matters, how attackers exploit it, and most importantly, what you and your organization can do to defend against it. For those…

1
Dan Berte on Solar Grid and IoT Vulnerabilities 32:21

1M ago32:21

32:21

Dan Berte, director of IoT security at Bitdefender, joins the Nexus Podcast to join his team's ongoing research into the security of solar grid inverters and three serious vulnerabilities uncovered in the popular Deye Solarman management platform. Dan discusses his team's research, the disclosure process, and the implications on green energy initia…

1
234 - Protecting the Invisible-How to Secure Infrastructure without Agents 27:49

1M ago27:49

27:49

Enjoying the content? Let us know your feedback! The world of cybersecurity isn’t just about defending laptops and servers—it’s also about safeguarding the “invisible” corners of our networks: those printers, cameras, routers, and dozens of other devices that quietly power our organizations. But what do you do when you can’t install security softwa…

1
Vivek Ponnada on the Ongoing Maturity of OT Security 35:55

1M ago35:55

35:55

OT cybersecurity veteran Vivek Ponnada, SVP Growth & Strategy at Frenos, joins the Nexus Podcast to lend his expertise on the areas where he is seeing the most maturity and rapid evolution in the practice. Vivek explains the growing demand for contextual information to supplement the data organizations have around their known assets and vulnerabili…

1
233 - CI-CD Pipelines and Associated Security Risks 27:33

1M ago27:33

27:33

Enjoying the content? Let us know your feedback! In this week's episode, we talk through the technical details of CI/CD (Continuous Integration/Continuous Development) pipelines: what they are, how they work, the jargon around them, and the potential security risks organizations need to be aware of. Finally, we’ll bust a persistent myth in software…

1
Austin Allen on the Cybersecurity Realities Facing Healthcare 29:07

2M ago29:07

29:07

Austin Allen, Sr. Director of Global Solutions Architecture at Airlock Security, joins the Nexus Podcast to discuss cybersecurity realities happening inside healthcare delivery organizations. Allen covers challenges and solutions around legacy software managing connected medical devices, and other cybersecurity risks potentially negatively impactin…

1
232 - Catching up with security 32:29

2M ago32:29

32:29

Enjoying the content? Let us know your feedback! Today’s episode takes you through three intersecting stories revealing how technology shapes both our vulnerabilities and our digital identity—from the sprawling and adaptable threat of AsyncRAT malware, to critical Bluetooth vulnerabilities threatening millions of vehicles globally, and finally to a…

1
Gentry Lane on the Use of 'Salami Cuts' in Cyber Conflict 28:40

2M ago28:40

28:40

Gentry Lane, founder of Nemesis Global, joins the Nexus Podcast to discuss the strategies guiding adversaries in their targeting of U.S. critical infrastructure. Primary of which is the desire of countries such as China, Russia, Iran, and North Korea to displace the U.S. as the global hegemon, she said. To disrupt the U.S.' standing as such, these …

1
231 - A Crash Course in Vendor Risk, Lessons from the CrowdStrike Outage 29:15

2M ago29:15

29:15

Enjoying the content? Let us know your feedback! Today, we’re focusing on the critical lessons from one of the most disruptive IT failures in recent memory: the global outage triggered by a CrowdStrike software update on July 19, 2024. While the headlines focused on grounded flights and downed systems, the real story lies in what this incident reve…

1
Pedro Umbelino on Exploiting ATG Devices in Fuel Storage 27:14

2M ago27:14

27:14

Pedro Umbelino, Principal Research Scientist at Bitsight Technologies, joins the Nexus Podcast to discuss his team's research into Automatic Tank Gauge (ATG) systems and how they uncovered 11 vulnerabilities in ATGs manufactured by five different vendors. ATG systems are an industrial control system that monitors fuel levels inside storage tanks, i…

1
230 - Security Of iOT 37:45

2M ago37:45

37:45

Enjoying the content? Let us know your feedback! This week on YusufOnSecurity, we’re diving into a topic that’s become increasingly critical as our world grows more connected: the security of the Internet of Things, or IoT. From smart thermostats and wearable fitness trackers to industrial sensors and connected cars, IoT devices are now woven into …

1
Steven Sim on OT-ISAC and the State of Information Sharing 43:08

2M ago43:08

43:08

Steven Sim, Chair of the OT-ISAC Advisory Committee, joins the Nexus Podcast to catch us up on the ISAC's activities, and some of the upcoming community-driven initiatives sponsored by the group. Steven shares the processes by which member organizations share incident, threat, and vulnerability information. He also discusses how member organization…

1
229 - What is FIPS 140-3 22:55

2M ago22:55

22:55

Enjoying the content? Let us know your feedback! In today’s interconnected world, the security of our digital infrastructure relies heavily on cryptography—the science of protecting information by transforming it into unreadable formats for unauthorized users. But how do we know the cryptographic solutions we use are truly secure? That’s where stan…

1
Sarah Fluchs on the Cyber Resilience Act 37:46

2M ago37:46

37:46

Cybersecurity and technology expert Sarah Fluchs joins the 100th episode of the Nexus Podcast to discuss the EU's Cyber Resilience Act and what it means for manufacturers of "products with digital elements" as they aim toward a 2027 compliance deadline. Sarah provides her insight on the regulation's essential requirements, its focus on secure-by-de…

1
228 - How the Emergence of AI-Powered Malware works 26:19

3M ago26:19

26:19

Enjoying the content? Let us know your feedback! In today’s episode is about a seismic shift in the world of cyber threats. The emergence of AI-powered malware. We’ll unpack how this new breed of malware works, the science behind it, real-world incidents, and what the latest academic research reveals. We will also look at the latest news that some …

1
227 - Is UTM Still Relevant? 44:36

3M ago44:36

44:36

Enjoying the content? Let us know your feedback! Today, we’ll answer a pressing question in cybersecurity: Is UTM still relevant in 2025? We’ll trace the origins of UTM, explain why it was created, break down its core features, compare it to newer technologies, and finish by busting a common cybersecurity myth. Before we dive into our main topic, l…

1
Andrew Ohrt on Cyber-Informed Engineering 37:06

3M ago37:06

37:06

Andrew Ohrt, the resilience practice area lead at West Yost, joins the Nexus Podcast to discuss cyber-informed engineering (CIE) and how it informs engineers and asset operators to understand their role in creating and maintaining a cyber resilient organization. According to Ohrt, CIE is one of the best examples of delivering cybersecurity concepts…

1
226 - Inside A Stealthy Malware Powering Modern Cyber Attacks 47:28

3M ago47:28

47:28

Enjoying the content? Let us know your feedback! In this week's episode, we get into some detailed exploration of an up and coming malware. Looking at it closer, it is one of the most advanced post-exploitation code families shaping the cybersecurity landscape in 2025. Over the time we have together, we’ll unravel what this malware is, how it works…

1
Megan Stifel on the Impact of the Ransomware Task Force 29:48

3M ago29:48

29:48

Megan Stifel, Chief Strategy Officer for the Institute for Security and Technology, joins the Nexus Podcast to discuss the four years of progress and challenges experienced by the Ransomware Task Force. The RTF was created days before the Colonial Pipeline ransomware incident and in a landmark report, laid out 48 recommendations to the industry tha…

1
225 - What Is a Content Delivery Network—And Do They Really Protect Businesses? 24:29

3M ago24:29

24:29

Enjoying the content? Let us know your feedback! This week we are exploring what Content Delivery Networks —commonly known as CDNs— are and whether they protect modern businesses. We’ll dive deep into the mechanics of how CDNs work, the technologies behind them, and whether they defend organizations from threats or just deliver content at blazing s…

1
Joe Slowik on Identifying Truly 'Critical' Infrastructure 29:47

3M ago29:47

29:47

Security researcher Joe Slowik joins the Nexus Podcast to discuss the broad interpretation of what critical infrastructure entities are truly "critical," and how that creates an ethical wedge between protecting the well-resourced and those that are resource-strapped. Slowik acknowledges that while calling everything "critical" ensures that nothing …

1
224 - Cisco Talos Year 2024 In Review 34:38

3M ago34:38

34:38

Enjoying the content? Let us know your feedback! In this week's episode, we are looking at the latest Cisco Talos’ 2024 report. In this comprehensive report, we will delve into the major cybersecurity trends and threats observed over the past year. Cisco Talos team, has compiled this report to provide valuable insights and guidance for organization…

1
Danielle Jablanski on Critical Infrastructure Protection 41:26

4M ago41:26

41:26

Danielle Jablanski, Industrial Control Systems Strategist & Subject Matter Expert at CISA, joins the Nexus podcast to discuss her perspectives on critical infrastructure protection and government's role as a cybersecurity partner on implementation guidance and enablement. Danielle touches on a number of areas of CI security and protection, ranging …

1
223 - RSAC 2025 - Part 2 21:55

4M ago21:55

21:55

Enjoying the content? Let us know your feedback! This is the part 2 of RSAC 2025 episode. If you have not listened to episode 1 (that episode 222), I would suggest you listen to episode 1 before you listen this episode. Before you we get into part 2, lets review what has been happening last week on the news front. - UK shares security tips after ma…

1
The implications of phone theft 18:00

4M ago18:00

18:00

In this episode, Felix and Alex discuss the alarming rise of phone thefts in London, sharing personal anecdotes and insights into the implications of losing a device. They explore security measures, user behaviors, and the broader impact of identity theft in today's digital age. The conversation emphasizes the importance of enhancing phone security…

1
Cassie Crossley on Hardware Security, HBOMs 28:20

4M ago28:20

28:20

Schneider Electric Vice President of Supply Chain Security Cassie Crossley joins the Nexus Podcast to discuss the nuances of hardware security and the growing need for hardware bills of materials (HBOMs) within critical infrastructure. Cassie covers the use cases and features that matter most within an HBOM, some of the threats and weaknesses they …

1
222 - RSAC 2025 - Part 1 35:54

4M ago35:54

35:54

Enjoying the content? Let us know your feedback! It was RSAC week and it would be remiss of me if I did not give you a highlight on what went on this year, 2025. After all, RSAC has a critical role in security. We will be reviewing the top key announcements from this year's event, including some exciting news from the major security players in the …

1
Christiaan Beek on Ransomware's Evolution and Economics 30:05

4M ago30:05

30:05

Rapid7 Senior Director of Threat Analytics Christiaan Beek joins the Nexus Podcast to discuss the technical evolution and economic models that maintain ransomware's viability among threat actors. Ransomware became a for-profit threat more than a decade ago and has progressed into the No. 1 threat facing many critical infrastructure organizations. I…

1
221 - FBI’s 2024 Annual Internet Crime Report 32:16

4M ago32:16

32:16

Enjoying the content? Let us know your feedback! This week's episode looks at the FBI’s 2024 Annual Internet Crime Report -an analysis that not only highlights the scale of cybercrime but also reveals the evolving tactics of cybercriminals and the staggering financial impact on individuals and businesses alike. This of course relates to US but it i…

1
220 - Watering Hole Attacks-The Hidden Danger of Trusted Spaces 32:41

4M ago32:41

32:41

Enjoying the content? Let us know your feedback! Imagine visiting your favorite website-one you trust, one you’ve browsed a hundred times before-only to discover it’s become a silent gateway for cybercriminals. What if the real danger wasn’t in suspicious emails or obvious scams, but lurking in the very places you feel safest online? In today’s epi…

1
Autonomous ships, cyber security and the workboat code 19:06

4M ago19:06

19:06

In this conversation, Felix and Oli discuss the development of a hydrogen-powered uncrewed surface vessel (USV) and the associated cybersecurity challenges. They explore the importance of integrating cybersecurity measures from the outset, navigating regulatory frameworks like Workboat Code 3, and the ongoing challenges of ensuring compliance and s…

1
219 - What Is Agentic AI? 33:36

5M ago33:36

33:36

Enjoying the content? Let us know your feedback! In this week's episode we are touching an intriguing topic. We're going to explore Agentic AI, a fascinating area within artificial intelligence that focuses on autonomous systems capable of making decisions and performing tasks without human intervention. We'll break it down for those new to cyberse…

1
Cybersecurity Recruiter/Founder talks Entrepreneurship, Startups, and the state of the Job Market. 38:20

5M ago38:20

38:20

Josh Keeley is a Co-Founder of Trident Search, a cybersecurity recruiting agency specializing in early state cybersecurity startups. He talks about his journey as an entrepreneur, cybersecurity startups, and the current state of the job market.By RealTime Cyber

1
218 - Fast Flux-The Cybercriminal's Hide and Seek 26:49

5M ago26:49

26:49

Enjoying the content? Let us know your feedback! This week, we re going to explore what Fast Flux is, a sophisticated technique used by cybercriminals to evade detection and maintain their malicious activities. We'll break it down for those new to cybersecurity, delve into some technical details, and use analogies to make it all clear. So without f…

1
HN59 - Microsoft AI Discovers 20 Zero-Day Vulnerabilities in Bootloaders! 19:22

5M ago19:22

19:22

# Title * HN59 - Microsoft AI Discovers 20 Zero-Day Vulnerabilities in Bootloaders! ## Description 🔍 Microsoft’s AI Uncovers 20 Zero-Day Threats | CoffeeLoader Malware Gets Smarter In this episode of Exploit Brokers, Cipherceval dives into how Microsoft Security Copilot, powered by AI, discovered over 20 previously unknown vulnerabilities in popula…

1
Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard 40:39

5M ago40:39

40:39

Florence Hudson, working group chair of the IEEE/UL 2933 standard and framework for Clinical IOT Data and Device Interoperability with TIPPSS, joins the Nexus Podcast. Published last September, the standard establishes a framework for secure data exchanges between clinical IoT and medical devices and systems. The frameworks is based on TIPPSS princ…

1
217 - Phishing the Expert-The Unexpected Cybersecurity Breach - Part 2 28:32

5M ago28:32

28:32

Enjoying the content? Let us know your feedback! This week's episode is continuation of Troy Hunt's cautionary tale , the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll continue to break down what happened, how it happened, and what we can al…

1
216 - Phishing The Expert-The Unexpected Cybersecurity Breach - Part 1 32:15

5M ago32:15

32:15

Enjoying the content? Let us know your feedback! In this week's episode we have a fascinating and cautionary tale about none other than Troy Hunt, the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll break down what happened, how it happened, a…

1
Mike Holcomb on Starting and Succeeding in OT Cybersecurity 42:40

5M ago42:40

42:40

Mike Holcomb, global lead for ICS and OT cybersecurity at Fluor, joins the Nexus Podcast to discuss his advocacy and efforts to educate engineers and IT cybersecurity professionals in the nuances of protecting operational technology and industrial control systems. Mike produces and hosts a learning series available for free on YouTube called "Getti…

1
215 - Cyber Threat Emulation - Strategies for Staying Ahead Of Cyber Attacks 37:04

6M ago37:04

37:04

Enjoying the content? Let us know your feedback! In this episode, we’ll look into a cybersecurity assessment method that mimics real-world attacks to test an organization's security defenses and response capabilities: Threat emulation. It is one of the strategies to keep you ahead of the game. Threat emulation aims to identify and mitigate security…

1
214 - What are polyglot files and how bad are they? 31:58

6M ago31:58

31:58

Enjoying the content? Let us know your feedback! In this episode, we’ll be exploring a particularly intriguing file types: polyglot files. These digital shapeshifters have become a powerful tool in the arsenal of cyber attackers, capable of bypassing security measures, confusing systems, and delivering malicious payloads in ways that are both creat…

1
HN58 - Havoc in the Cloud: The Shocking Click Fix Exploit Revealed 24:22

6M ago24:22

24:22

Welcome to Exploit Brokers with your host Cipherceval! In this deep dive, we uncover a sophisticated cyber assault where hackers exploited Microsoft SharePoint to launch the Havoc C2 via a stealthy click fix attack. Learn how a single click can trigger malicious PowerShell commands, turning everyday corporate tools into gateways for cybercrime. In …

1
213 - Stealing Data in Plain Sight -How Cybercriminals Exfiltrate Your Secrets and How to Stop Them 50:53

6M ago50:53

50:53

Enjoying the content? Let us know your feedback! In today's episode, we're diving deep into Data Exfiltration; one of the most serious threats facing organizations today. We'll break down exactly what data exfiltration is, where it fits in the MITRE ATT&CK framework, the tools and techniques attackers use, and, most importantly, how organizations c…

1
HN57 - Unmasking SpyLoan: The Android Malware Preying on Loan Seekers 20:32

6M ago20:32

20:32

In this episode of Exploit Brokers, we dive into the dark world of cybercrime, exploring two alarming topics: a malicious Android loan app masquerading as a financial tool and Xerox printer vulnerabilities that could be leaking your credentials. Learn how loan sharks have moved from traditional methods to sophisticated digital predation, exploiting…

1
CISO Hot Takes: GRC, AI & Vendor Relations in Healthcare 48:51

6M ago48:51

48:51

Dan Holland, Deputy CISO of Tampa General Hospital, joins us for a deep dive into a wide range of topics—from GRC and AI to vendor risk management and the unique cybersecurity challenges posed by hurricanes in Florida. We also explore his journey from cybersecurity entrepreneur to his current role at Tampa General.…

1
Ron Fabela on Low-Skilled OT and ICS Threat Actors 36:33

6M ago36:33

36:33

Ron Fabela of ABS Consulting joins the Nexus Podcast to dispel some of the myths surrounding threat actors targeting operational technology and industrial control systems. Groups such as the Russian Cyber Army, UserSec, and the CyberAv3ngers have different ideological motivations, and have decidedly carried out low-impact attacks on OT. Fabela cove…