Best Josh Bressers Podcasts (2025)

1
Tech Segment: MITM Automation + Security News - Josh Bressers - PSW #904 2:07:47

Play Pause

12d ago2:07:47

2:07:47

This week in our technical segment, you will learn how to build a MITM proxy device using Kali Linux, some custom scripts, and a Raspberry PI! In the security news: Hacking Smart BBQ Probes China uses us as a proxy LOLPROX and living off the Hypervisor Are we overreating to React4Shell? Prolific Spyware vendors EDR evaluations and tin foil hats Com…

1
Holiday Special Part 1: You’re Gonna Click the Link - Rob Allen - SWN #540 35:34

6h ago35:34

35:34

It’s the holidays, your defenses are down, your inbox is lying to you, and yes—you’re gonna click the link. In Part 1 of our holiday special, Doug White and a panel of very smart people explain why social engineering still works decades later, why training alone won’t save you, and why the real job is surviving after the click. From phishing and sm…

1
Holiday Special Part 1: You're Gonna Click the Link - Rob Allen - SWN #540 35:34

7h ago35:34

35:34

It's the holidays, your defenses are down, your inbox is lying to you, and yes—you're gonna click the link. In Part 1 of our holiday special, Doug White and a panel of very smart people explain why social engineering still works decades later, why training alone won't save you, and why the real job is surviving after the click. From phishing and sm…

1
Modern AppSec: OWASP SAMM, AI Secure Coding, Threat Modeling & Champions - Sebastian Deleersnyder, Dustin Lehr, James Manico, Adam Shostack - ASW #362 1:07:52

7h ago1:07:52

1:07:52

Using OWASP SAMM to assess and improve compliance with the Cyber Resilience Act (CRA) is an excellent strategy, as SAMM provides a framework for secure development practices such as secure by design principles and handling vulns. Segment Resources: https://owaspsamm.org/ https://cybersecuritycoalition.be/resource/a-strategic-approach-to-product-sec…

1
Modern AppSec: OWASP SAMM, AI Secure Coding, Threat Modeling & Champions - Sebastian Deleersnyder, James Manico, Adam Shostack, Dustin Lehr - ASW #362 1:07:52

19h ago1:07:52

1:07:52

Using OWASP SAMM to assess and improve compliance with the Cyber Resilience Act (CRA) is an excellent strategy, as SAMM provides a framework for secure development practices such as secure by design principles and handling vulns. Segment Resources: https://owaspsamm.org/ https://cybersecuritycoalition.be/resource/a-strategic-approach-to-product-sec…

1
Internal threats are the hole in Cybersecurity’s donut - Frank Vukovits - ESW #438 1:57:05

21m ago1:57:05

1:57:05

Interview with Frank Vukovits: Focusing inward: there lie threats also External threats get discussed more than internal threats. There’s a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn’t infringe on any individual organization’s privacy. That’s why we hear the i…

1
Auld Lang Syne, Ghostpairing, Centerstack, WAFS, React2Shell, Crypto, Josh Marpet... - SWN #539 32:10

30m ago32:10

32:10

Auld Lang Syne, Ghostpairing, Centerstack, OneView, WAFS, React2Shell Redux, Crypto, Josh Marpet, and More, on the Security Weekly News. Show Notes: https://securityweekly.com/swn-539

1
Auld Lang Syne, Ghostpairing, Centerstack, WAFS, React2Shell, Crypto, Josh Marpet... - SWN #539 32:10

31m ago32:10

32:10

Auld Lang Syne, Ghostpairing, Centerstack, OneView, WAFS, React2Shell Redux, Crypto, Josh Marpet, and More, on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-539

1
With AI Nothing Is Safe - PSW #905 2:13:54

39m ago2:13:54

2:13:54

This week in the security news: Linux process injection Threat actors need training too A Linux device "capable of practically anything" The Internet of webcams Hacking cheap devices Automating exploitation with local AI models Lame C2 Smallest SSH backdoor Your RDP is on the Internet These are not the high severity bugs you were looking for Low ha…

1
With AI Nothing Is Safe - PSW #905 2:13:54

22m ago2:13:54

2:13:54

This week in the security news: Linux process injection Threat actors need training too A Linux device "capable of practically anything" The Internet of webcams Hacking cheap devices Automating exploitation with local AI models Lame C2 Smallest SSH backdoor Your RDP is on the Internet These are not the high severity bugs you were looking for Low ha…

1
With AI Nothing Is Safe - PSW #905 2:13:54

5d ago2:13:54

2:13:54

This week in the security news: Linux process injection Threat actors need training too A Linux device "capable of practically anything" The Internet of webcams Hacking cheap devices Automating exploitation with local AI models Lame C2 Smallest SSH backdoor Your RDP is on the Internet These are not the high severity bugs you were looking for Low ha…

1
With AI Nothing Is Safe - PSW #905 2:13:54

1h ago2:13:54

2:13:54

This week in the security news: Linux process injection Threat actors need training too A Linux device "capable of practically anything" The Internet of webcams Hacking cheap devices Automating exploitation with local AI models Lame C2 Smallest SSH backdoor Your RDP is on the Internet These are not the high severity bugs you were looking for Low ha…

1
Cybersecurity Hiring Trends as Boards Bridge Confidence Gap and Build Strategic Lever - Jim McCoy - BSW #426 54:36

7d ago54:36

54:36

Business Security Weekly is well aware of the cybersecurity hiring challenges. From hiring CISOs to finding the right skills to developing your employees, we cover it weekly in the leadership and communications segment. But this week, our guest interview digs into the global cybersecurity hiring trends. Jim McCoy, CEO at Atlas, joins Business Secur…

1
Cybersecurity Hiring Trends as Boards Bridge Confidence Gap and Build Strategic Lever - Jim McCoy - BSW #426 54:36

7d ago54:36

54:36

Business Security Weekly is well aware of the cybersecurity hiring challenges. From hiring CISOs to finding the right skills to developing your employees, we cover it weekly in the leadership and communications segment. But this week, our guest interview digs into the global cybersecurity hiring trends. Jim McCoy, CEO at Atlas, joins Business Secur…

1
Pornhub, WSL, Santastealer, Geoserver, Webkit, Fortiyomama, Dad's pix, Aaran Leyland. - SWN #538 34:36

16h ago34:36

34:36

Pornhub, WSL, Santastealer, Geoserver, Webkit, Fortiyomama, Dad's Pix, Aaran Leyland, and More, on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-538

1
Pornhub, WSL, Santastealer, Geoserver, Webkit, Fortiyomama, Dad's pix, Aaran Leyland. - SWN #538 34:36

4h ago34:36

34:36

Pornhub, WSL, Santastealer, Geoserver, Webkit, Fortiyomama, Dad's Pix, Aaran Leyland, and More, on the Security Weekly News. Show Notes: https://securityweekly.com/swn-538

1
Developing Open Source Skills for Maintaining Projects - Kat Cosgrove - ASW #361 1:03:55

25m ago1:03:55

1:03:55

Open source projects benefit from support that takes many shapes. Kat Cosgrove shares her experience across the Kubernetes project and the different ways people can make meaningful contributions to it. One of the underlying themes is that code is written for other people. That means PRs need to be understandable, discussions need to be enlightening…

1
Developing Open Source Skills for Maintaining Projects - Kat Cosgrove - ASW #361 1:03:55

8d ago1:03:55

1:03:55

Open source projects benefit from support that takes many shapes. Kat Cosgrove shares her experience across the Kubernetes project and the different ways people can make meaningful contributions to it. One of the underlying themes is that code is written for other people. That means PRs need to be understandable, discussions need to be enlightening…

1
Illuminating Data Blind Spots, Topic, Enterprise News - Tony Kelly - ESW #437 1:49:42

19m ago1:49:42

1:49:42

Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we’ll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over th…

1
Illuminating Data Blind Spots, Topic, Enterprise News - Tony Kelly - ESW #437 1:49:42

8d ago1:49:42

1:49:42

Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we'll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over th…

1
Disney Gone Wild, Docker, AIs, Passkeys, Gogs, React2Shell, Notepad++, Josh Marpet... - SWN #537 30:38

10d ago30:38

30:38

Disney Gone Wild, Docker, AIs, Passkeys, Gogs, React2Shell, Notepad++, Josh Marpet, and More Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-537

1
Disney Gone Wild, Docker, AIs, Passkeys, Gogs, React2Shell, Notepad++, Josh Marpet... - SWN #537 30:38

5d ago30:38

30:38

Disney Gone Wild, Docker, AIs, Passkeys, Gogs, React2Shell, Notepad++, Josh Marpet, and More Show Notes: https://securityweekly.com/swn-537

1
Tech Segment: MITM Automation + Security News - Josh Bressers - PSW #904 2:07:47

12d ago2:07:47

2:07:47

This week in our technical segment, you will learn how to build a MITM proxy device using Kali Linux, some custom scripts, and a Raspberry PI! In the security news: Hacking Smart BBQ Probes China uses us as a proxy LOLPROX and living off the Hypervisor Are we overreating to React4Shell? Prolific Spyware vendors EDR evaluations and tin foil hats Com…

1
Tech Segment: MITM Automation + Security News - Josh Bressers - PSW #904 2:07:47

12d ago2:07:47

2:07:47

This week in our technical segment, you will learn how to build a MITM proxy device using Kali Linux, some custom scripts, and a Raspberry PI! In the security news: Hacking Smart BBQ Probes China uses us as a proxy LOLPROX and living off the Hypervisor Are we overreating to React4Shell? Prolific Spyware vendors EDR evaluations and tin foil hats Com…

1
Tech Segment: MITM Automation + Security News - Josh Bressers - PSW #904 2:07:47

12d ago2:07:47

2:07:47

This week in our technical segment, you will learn how to build a MITM proxy device using Kali Linux, some custom scripts, and a Raspberry PI! In the security news: Hacking Smart BBQ Probes China uses us as a proxy LOLPROX and living off the Hypervisor Are we overreating to React4Shell? Prolific Spyware vendors EDR evaluations and tin foil hats Com…

1
Salesforce Security Risks, Boards Duty of Care, and Managing CISO Risks - Justin Hazard - BSW #425 52:57

13d ago52:57

52:57

Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins …

1
Salesforce Security Risks, Boards Duty of Care, and Managing CISO Risks - Justin Hazard - BSW #425 52:57

14d ago52:57

52:57

Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins …

1
Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Aaran Leyland... - SWN #536 34:50

8d ago34:50

34:50

We've got: Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Ships at Sea, Sora, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-536

1
Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Aaran Leyland... - SWN #536 34:50

3d ago34:50

34:50

We've got: Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Ships at Sea, Sora, Aaran Leyland, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-536

1
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360 1:07:43

14d ago1:07:43

1:07:43

The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new…

1
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360 1:07:43

27m ago1:07:43

1:07:43

The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new…

1
Fix your dumb misconfigurations, AI isn't people, and the weekly news - Wendy Nather, Danny Jenkins - ESW #436 1:34:58

16d ago1:34:58

1:34:58

Interview with Danny Jenkins: How badly configured are your endpoints? Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits. Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and a…

1
Fix your dumb misconfigurations, AI isn't people, and the weekly news - Danny Jenkins, Wendy Nather - ESW #436 1:34:58

16d ago1:34:58

1:34:58

Interview with Danny Jenkins: How badly configured are your endpoints? Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits. Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and a…

1
Toilet Cams, N. Korea, Brickstorm, MCP, React2Shell, Proxmox, Metaverse, Josh Marpet - SWN #535 33:08

7d ago33:08

33:08

Toilet Cams, North Korea, Brickstorm, MCP, India, React2Shell, Proxmox, Metaverse, Josh Marpet, and More, on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-535

1
Toilet Cams, N. Korea, Brickstorm, MCP, React2Shell, Proxmox, Metaverse, Josh Marpet - SWN #535 33:08

17d ago33:08

33:08

Toilet Cams, North Korea, Brickstorm, MCP, India, React2Shell, Proxmox, Metaverse, Josh Marpet, and More, on the Security Weekly News. Show Notes: https://securityweekly.com/swn-535

1
Holiday Hack Challenge, AI, Internet of Trash - Ed Skoudis - PSW #903 2:10:41

19d ago2:10:41

2:10:41

This week we welcome Ed Skoudis to talk about the holiday hack challenge (https://sans.org/HolidayHack). In the security news: Oh Asus Dashcam botnets Weird CVEs being issued CodeRED, but not the worm Free IP checking Internet space junk and IoT Decade old Linux kernel vulnerabilities Breaking out of Claude code Malicious LLMs Hacker on a plan gets…

1
Holiday Hack Challenge, AI, Internet of Trash - Ed Skoudis - PSW #903 2:10:41

19d ago2:10:41

2:10:41

This week we welcome Ed Skoudis to talk about the holiday hack challenge (https://sans.org/HolidayHack). In the security news: Oh Asus Dashcam botnets Weird CVEs being issued CodeRED, but not the worm Free IP checking Internet space junk and IoT Decade old Linux kernel vulnerabilities Breaking out of Claude code Malicious LLMs Hacker on a plan gets…

1
Holiday Hack Challenge, AI, Internet of Trash - Ed Skoudis - PSW #903 2:10:41

19d ago2:10:41

2:10:41

This week we welcome Ed Skoudis to talk about the holiday hack challenge (https://sans.org/HolidayHack). In the security news: Oh Asus Dashcam botnets Weird CVEs being issued CodeRED, but not the worm Free IP checking Internet space junk and IoT Decade old Linux kernel vulnerabilities Breaking out of Claude code Malicious LLMs Hacker on a plan gets…

1
Holiday Hack Challenge, AI, Internet of Trash - Ed Skoudis - PSW #903 2:10:41

19d ago2:10:41

2:10:41

This week we welcome Ed Skoudis to talk about the holiday hack challenge (https://sans.org/HolidayHack). In the security news: Oh Asus Dashcam botnets Weird CVEs being issued CodeRED, but not the worm Free IP checking Internet space junk and IoT Decade old Linux kernel vulnerabilities Breaking out of Claude code Malicious LLMs Hacker on a plan gets…

1
Shadow Risks in SaaS, Cybersecurity Market Has Lost Its Mind, and Rise of the CTrO - Mike Puglia - BSW #424 1:06:01

21d ago1:06:01

1:06:01

While many businesses rely on Microsoft 365, Salesforce and Google Workspace security features, critical blind spots remain—the recent series of high profile SaaS breaches demonstrate this. So what should you do? Mike Puglia, General Manager of Kaseya Labs, joins Business Security Weekly to discuss the risks in SaaS applications. In this segment, M…

1
Shadow Risks in SaaS, Cybersecurity Market Has Lost Its Mind, and Rise of the CTrO - Mike Puglia - BSW #424 1:06:01

21d ago1:06:01

1:06:01

While many businesses rely on Microsoft 365, Salesforce and Google Workspace security features, critical blind spots remain—the recent series of high profile SaaS breaches demonstrate this. So what should you do? Mike Puglia, General Manager of Kaseya Labs, joins Business Security Weekly to discuss the risks in SaaS applications. In this segment, M…

1
AI semantics, Calendly, Teams, Schmaltz, India, Antigravity, Scada, Aaran Leyland... - SWN #534 36:15

14d ago36:15

36:15

AI semantics, Calendly, GreyNoise, Teams, Schmaltz, India, Antigravity, Scada, Aaran Leyland, and More... Show Notes: https://securityweekly.com/swn-534

1
AI semantics, Calendly, Teams, Schmaltz, India, Antigravity, Scada, Aaran Leyland... - SWN #534 36:15

21d ago36:15

36:15

AI semantics, Calendly, GreyNoise, Teams, Schmaltz, India, Antigravity, Scada, Aaran Leyland, and More... Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-534

1
Making TN Critical Infrastructure the Most Secure in the Nation - T. Gwyddon 'Data' ("Gwee-thin") Owen, James Cotter - ASW #359 59:02

22d ago59:02

59:02

For OT systems, uptime is paramount. That's a hard rule that makes maintaining, upgrading, and securing them a complex struggle. Tomas "Data" Owens and James Cotter discuss how Tennessee is tackling the organizational and technical challenges that come with hardening OT systems across the state. Those challenges range from old technology (like RS-2…