Security Weekly Podcast Network (Video)

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
Now displaying: October, 2025
Oct 31, 2025

AI Cheating?, O, Canada, npms, passkeys, Exchange, Solaris, the amazing Rob Allen of ThreatLocker, and More on this edition of the Security Weekly News.

Segment Resources:

Ingram Micro Working Through Ransomware Attack by SafePay Group | MSSP Alert: https://www.msspalert.com/news/ingram-micro-working-through-ransomware-attack-by-safepay-group

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/swn-525

Oct 30, 2025

In the security news this week:

  • Cybersecurity is dead, and AI killed it
  • Exploiting the patching system
  • Apple makes it easier for spyware
  • Who is patching Cisco ASA?
  • Shove that DMCA somewhere
  • HTTPS - a requirement
  • Russia wants to own all the exploits
  • Abandonware challenges
  • Reversing at its hardest with Lua
  • Hacking team is back, and leetspeak malware
  • When you forget to authenticate your API
  • Jamming with cool tech
  • GoSpoof
  • and After 35 Years, a Solution to the CIA’s Kryptos Puzzle Has Been Found!

Show Notes: https://securityweekly.com/psw-898

Oct 29, 2025

Organizations that successfully earn and keep the trust of their customers, employees, and partners experience better business outcomes, more engagement, and competitive differentiation. But what does that trust look like and who's responsible for building and maintaining that trust?

Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to discuss the emergence of the Chief Trust Officer. For organizations that refuse to leave trust to chance, chief trust officers have emerged as the role responsible for shaping their firm’s destiny. Jeff will explain why the role has emerged and detail its responsibilities, organizational structures, and measures for success.

In the leadership and communications segment, Why must CISOs slay a cyber dragon to earn business respect?, Simon Sinek says the most successful people in the world ‘hit zero’ or came close to it: Failure is ‘the gift’, The Remote Leadership Paradox: Why Your Team Feels Micromanaged AND Abandoned (And How to Fix It), and more!

Show Notes: https://securityweekly.com/bsw-419

Oct 28, 2025

Lockpicks, Microsoft, CoPhish, Atlas, Turing, ForumTroll, PKD, even Kilgore Trout, the Amazing Aaran Leyland, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-524

Oct 28, 2025

The post-quantum encryption migration is going to be a challenge, but how much of a challenge? There are several reasons why it is different from every other protocol and cipher iteration in the past. Is today's hardware up to the task? Is it just swapping out a library, or is there more to it? What is the extent of software, systems, and architecture that have to be updated or replaced to complete the migration? Can we get it all done by 2030?

Sandy Carielli and Martha Bennett join us to answer these questions and dive into one area of tech that hasn't been discussed much when it comes to post-quantum encryption: blockchain.

Relevant Forrester Reports:

In the news, high standards for open source software, trends in self-hosting, doing the cloud wrong, and is it really always DNS?

Show Notes: https://securityweekly.com/asw-354

Oct 27, 2025

Segment 1: Interview with Dave Lewis from 1Password

In this week's sponsored interview, we dive into the evolving security landscape around AI agents and where we stand with AI agent adoption. We also touch on topics such as securing credentials in browser workflows and why identity is foundational to AI agent security.

This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more!

Segment 2: Enterprise News

In this week's enterprise security news,

  1. one big acquisition, two small fundings
  2. not all AI is bad
  3. deepfakes are getting crazy good
  4. make sure you log what your AI agents do
  5. Copilot prompt injection
  6. NordVPN tries to pull a jedi mind trick on us
  7. failure rate in AI adoption is a feature not a bug?
  8. using facial recognition to find Tinder profiles
  9. a predictable squirrel story

All that and more, on this episode of Enterprise Security Weekly.

Segment 3: Two interviews from Oktane 2025

Interview with Connor Mulherin of TechSoup

The cybersecurity landscape in the nonprofit sector is evolving quickly, with organizations facing unique challenges due to limited resources, sensitive mission-driven work, and developing policies and training programs. Connor Mulherin, Director and GM of Validation Services at TechSoup, will discuss the industry's need for accessible and collaborative solutions to provide affordable technology leadership and security guidance. It will highlight how nonprofit organizations can build long-term digital resilience and combat these growing challenges.

Segment Resources:

Interview with Mike Poole, Director of Cyber Security at Werner Enterprises

In today's digital landscape, cybersecurity is not just a technical issue—it’s a business imperative. Organizations that prioritize cybersecurity culture see fewer incidents and stronger resilience against evolving threats. But how do you foster a security-first mindset across an organization?

This session will explore the critical components of building and maintaining a robust cybersecurity culture, starting with executive leadership buy-in—a fundamental step in securing resources and driving organizational change. We’ll then dive into the power of monthly phishing exercises, which reinforce awareness and preparedness. Attendees will also learn how to develop effective training programs that engage employees at all levels and create lasting behavioral change. Finally, we’ll discuss the role of cybersecurity-themed events, particularly during Cybersecurity Awareness Month, as a powerful tool to capture attention and reinforce key security principles.

This segment is sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more about them!

Show Notes: https://securityweekly.com/esw-430

Oct 24, 2025

Venomous Robo Bees and Rabid Cocaine Weasels, sidebar spoofing, AI Risk, Red Tiger, SessionReaper, Bad Bots, Willow, Josh Marpet, and More on this edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-523

Oct 23, 2025

In the security news:

  • When in doubt, blame DNS, you're almost always correct
  • How to Make Windows 11 great, or at least suck less
  • CSRF is the least of your problems
  • Shady exploits
  • Linux security table stakes (not steaks)
  • The pill camera
  • Give AI access to your UART
  • Security products that actually try to be secure?
  • Firmware vulnerabilities, lots of them
  • Teams is spying on you
  • More details on PolarEdge
  • VSCode, marketplaces, and developers at risk
  • Cisco SNMP flaw used to deploy malware
  • The 90's called, they want their exploits back

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/psw-897

Oct 22, 2025

As the Verizon Data Breach Investigations Report has stated year after year, most breaches start with human error. We've invested a lot in Security Awareness and Training and Phishing solutions, yet human error is still the top risk. How do we actually reduce human risk?

Rinki Sethi, CSO at Upwind Security, and Nicole Jiang, CEO of Fable Security, share why human risk management is the next frontier for security—and how platforms like Fable Security deliver personalized nudges that help employees build safer habits and stay ahead of threats. Solving human risk starts by changing human behavior. Learn how advancements in Artificial Intelligence (AI) and the application of adtech principles (targeted, personalized, A/B-tested messages delivered when they’re most relevant) are delivering faster, more effective behavior change that lasts.

Segment Resources:

  • Five must-haves of modern human risk management: https://fablesecurity.com/ebook-five-must-haves/
  • Starter RFP for modern human risk management: https://fablesecurity.com/starter-rfp-for-modern-hrm/

This segment is sponsored by Fable Security. Visit https://securityweekly.com/fable to learn more about them!

In the leadership and communications segment, Inside the CISO Mind: How Security Leaders Choose Solutions, 2026 Leadership Strategy: Mastering Agility and Anticipation for Better Decisions, The Most Human, Strategic, Sought-After Tool in Leadership, and more!

Show Notes: https://securityweekly.com/bsw-418

Oct 21, 2025

The Afterlife, AWS, ClickFix, Agentic AI Galore, Robot Lumberjacks, Robocalls, Aaran Leyland, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-522

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Oct 21, 2025

Ransomware attacks typically don't care about memory safety and dependency scanning; they often target old, unpatched vulns, and too often they succeed. Rob Allen shares some of the biggest cases he's seen, what they have in common, and what appsec teams could do better to help them. Too much software still requires custom configuration to make it more secure. And too few software makers are embracing secure by default, let alone secure by design.

In the news, passively monitoring geosynchronous satellite communications on the cheap, successful LLM poisoning of any size model with a single size dose, security engineering lessons from Signal's post-quantum crypto work, improving security for JavaScript in the browser, and more!

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more!

Show Notes: https://securityweekly.com/asw-353

Oct 20, 2025

Segment 1: David Brauchler on AI attacks and stopping them

David Brauchler says AI red teaming has proven that eliminating prompt injection is a lost cause. And many developers inadvertently introduce serious threat vectors into their applications – risks they must later eliminate before they become ingrained across application stacks.

NCC Group’s AI security team has surveyed dozens of AI applications, exploited their most common risks, and discovered a set of practical architectural patterns and input validation strategies that completely mitigate natural language injection attacks. David's talk was aimed at helping security pros and developers understand how to design/test complex agentic systems and how to model trust flows in agentic environments. He also provided information about what architectural decisions can mitigate prompt injection and other model manipulation risks, even when AI systems are exposed to untrusted sources of data.

More about David's Black Hat talk:

Additional blogs by David about AI security:

Segment 2: Should we replace the CIA triad?

An op-ed on CSO Online made us think - should we consider the CIA triad 'dead' and replace it? We discuss the value and longevity of security frameworks, as well as the author's proposed replacement.

Segment 3: The Weekly Enterprise News

Finally, in the enterprise security news,

  1. Slow week for funding, older companies raising via debt financing
  2. A useful AI framework from the Cloud Security Alliance
  3. two interesting essays, one of which is wrong
  4. Folks are out here blasting unencrypted data to and from Satellites, while anyone can sniff and capture it
  5. getting hacked during a job interview
  6. LLM poisoning is far easier than previously thought
  7. F5 got breached
  8. Be careful when patching your Jeep (’s software)

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-429

Oct 17, 2025

Erotic Chats, UEFI, F5, Cisco, Doug Sings, Insiders, LastPass, Sora, Aaran Leyland, and More on this edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-521

Oct 16, 2025

First up is a technical segment on UEFI shells: determining if they contain dangerous functionality that allows attackers to bypass Secure Boot.

Then in the security news:

  • Your vulnerability scanner is your weakest link
  • Scams that almost got me
  • The state of EDR is not good
  • You don't need to do that on a phone or Raspberry Pi
  • Hash cracking and exploits
  • Revisiting LG WebOS
  • Hardening Docker images
  • Hacking Moxa NPort
  • Shoddy academic research
  • The original sin of computing
  • Bodycam hacking
  • A new OS for ESP32
  • The AI bubble is going to burst
  • Mobile VPNs are not always secure

Show Notes: https://securityweekly.com/psw-896

Oct 15, 2025

Still managing compliance in a spreadsheet? Don't have enough time or resources to verify your control or risk posture? And you wonder why you can't get the budget to move your compliance and risk programs forward. Maybe it's time for a different approach.

Trevor Horwitz, Founder and CISO at TrustNet joins Business Security Weekly to discuss how the evolution of Agentic AI can automate compliance and risk programs. Move beyond spreadsheets and let the power of AI streamline your compliance and risk program.

In the leadership and communications segment, Is the CISO chair becoming a revolving door?, When Integrity Collides with Bureaucracy: The Price of Leadership in Cybersecurity — and Why Walking Away Can Be the Bravest Act!, Improve Communication With Others By Talking Less — Not More, and more!

Show Notes: https://securityweekly.com/bsw-417

Oct 14, 2025

Bikers, Apple, Storm-657, Astaroth, EES, Salesforce, Aaran Leyland, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-520

Oct 14, 2025

Interest and participation in the OWASP GenAI Security Project has exploded over the last two years. Steve Wilson explains why it was important for the project to grow beyond just a Top Ten list and address more audiences than just developers. He also talks about how the growth of AI Agents influences the areas that appsec teams need to focus on. Whether apps are created by genAI or directly use genAI, the future of securing software is going to be busy.

Resources

This segment is sponsored by The OWASP GenAI Security Project. Visit https://securityweekly.com/owasp to learn more!

Show Notes: https://securityweekly.com/asw-352

Oct 13, 2025

Segment 1 - Interview with Dr. Anand Singh

We're always thrilled to have authors join us to discuss their new book releases, and this week, it is Dr. Anand Singh. He seriously hustled to get his new book, Data Security in the Age of AI, out as soon as possible so that it could help folks dealing with securing AI rollouts right now! We'll discuss why he wrote it, how he got it done so quickly, and who needs to read it.

Segment Resources:

Segment 2 - Topic: The reasons why CISOs buy (and the things that don't matter to them)

Val Tsanev, founder of ExecWeb, part of the CyberRisk Alliance family, shared some VERY spicy insights about how CISOs buy products. This elicited some passionate responses.

There are many interesting insights, but the biggest and most interesting is that 76% of CISOs choose products that present the least risk to them, personally. Career safety trumps product performance, it would seem.

Segment 3 - News

In the enterprise security news,

  1. Shifting Zero
  2. Cyber insurance, unlike cyber crime, doesn’t pay
  3. New AI security categories are popping up to serve Agentic and MCP servers
  4. how tech companies measure AI impact
  5. first malicious MCP server in the wild
  6. is your computer mouse listening to you?
  7. The Korean government did not follow the backup rule of three
  8. Think you’ve seen the absolute worst idea for a mobile app? Wait until you hear about Neon.
  9. We have no less than three squirrel stories involving bullets, lasers, and greasy snacks

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-428

Oct 9, 2025

This week we kick things off with a special interview: Kieran Human from ThreatLocker talks about EDR bypasses and other special projects. In the security news:

  • Hacking TVs
  • Flushable wipes are not the only problem
  • People just want to spy on their pets, except the devices can be hacked
  • Linux EDR is for the birds
  • What does my hat say
  • we love exploits and hashes
  • ESP32s in your router
  • RF signal generator on a Pi Zero
  • Mic-E-Mouse and other things that will probably never happen, until they do
  • Hacking with money
  • Uninitialized variables and other things the compiler should catch
  • Breaking out of the shell
  • Hacking with sound, for real, not just another side channel attack
  • Bring back 2G
  • When the game engine gets hacked
  • Oracle 0-days

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/psw-895

Oct 8, 2025

Global spending on cybersecurity products and services will see a strong 14.4% CAGR from 2024 through 2029 and will hit $302.5 billion in 2029, driven by continued concerns around cyberattacks across all verticals and geographies. But where is the spending occurring and how do you prepare?

Merritt Maxim, VP & Research Director at Forrester, joins Business Security Weekly to discuss the Global Cybersecurity Market Forecast, 2024 To 2029 report. Merritt will discuss the findings, including:

  • In 2029, 69% of cybersecurity spending will be on software across seven prime functional disciplines of cybersecurity (applications, cloud, data, endpoint, network, identity, and security operations);
  • the remaining spending will be allocated to security services, excluding security outsourcing, implementation, and deployment services; and
  • AI software spending will grow at a CAGR of 21.2%, from $74.3 billion in 2024 to $194.3 billion by 2029.

See Merritt's blog of the results at https://www.forrester.com/blogs/global-cybersecurity-spending-to-exceed-300b-by-2029/.

In the leadership and communications segment, The problem with cybersecurity is not just hackers – it’s how we measure risk, What California’s new AI law means for CIOs (and CISOs), The Language of Leadership: How to Set Firm Boundaries Without Sounding Like a Jerk, and more!

Show Notes: https://securityweekly.com/bsw-416

Oct 7, 2025

Bad Crypto, Blood Thirsty Zombie CPUs, Y2K38, Park Mobile, Palo Alto, Redis, Red Hat, Deloitte, Aaran Leyland, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-518

Oct 7, 2025

Software has forever had flaws and humans have forever been finding and fixing them. With LLMs generating code, appsec has also been trying to determine how well LLMs can find flaws. Nico Waisman talks about XBOW's LLM-based pentesting, how it climbed a bug bounty leaderboard, how it uses feedback loops for better pentests, and how they handle (and even welcome!) hallucinations.

In the news, using LLMs to find flaws, directory traversal in an MCP, another resource for learning cloud and AI security, spreadsheets and appsec, and more!

Show Notes: https://securityweekly.com/asw-351

Oct 6, 2025

At Oktane 2025, leaders from across the security ecosystem shared how identity has become the new front line in protecting today’s AI-driven enterprises. As SaaS adoption accelerates and AI agents proliferate, organizations face an explosion of human and non-human identities—and with it, growing risks like misconfigured access, orphaned accounts, and identity-based attacks.

In this special Enterprise Security Weekly episode, we bring together insights from top experts:

  • Dor Fledel (Okta) explains how teams can gain visibility into AI agents, uncover risks, and enforce appropriate access controls.
  • Alexander Makarov (Adyen) shares how a global fintech unified and streamlined identity with Okta, improving both security and employee experience across 200+ countries.
  • Aaron Parecki (Okta) highlights the importance of open standards—like IPSIE, MCP, and A2A—for building secure, interoperable AI ecosystems and centralized control over AI-driven interactions.
  • Heather Ceylan (Box) discusses how Box embeds AI into workflows to enhance data protection, even for highly regulated industries.
  • Matt Immler (Okta) offers lessons from the field on strengthening defenses with behavioral monitoring, automation, and a security-first culture to counter attackers who now “log in” instead of hacking in.
  • Nitin Raina (Thoughtworks) warns about AI-driven social engineering—from deepfakes to multi-channel phishing—and shares practical strategies like phishing-resistant MFA, zero-trust architecture, and better employee training.

From open standards to privileged access management and AI-powered defense, these Oktane 2025 conversations explore how identity-driven strategies are shaping the future of enterprise security.

Segment Resources:

  • https://www.okta.com/newsroom/articles/old-security-challenges--new-ai-risks--managing-authorization-in
  • https://www.okta.com/newsroom/press-releases/okta-introduces-cross-app-access-to-help-secure-ai-agents-in-the/
  • https://www.okta.com/blog/ai/securing-the-ai-agent-ecosystem/
  • https://www.okta.com/customers/adyen/
  • https://www.okta.com/newsroom/?sort=featured&filters=okta%3Acategories%2Fidentity-security
  • https://www.okta.com/customers/thoughtworks/

This segment is sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more about them!

Show Notes: https://securityweekly.com/esw-427

Oct 3, 2025

Ratboi, Clop, Oracle, SVGs, Impact Solutions, The Pentagon, OpenAI, Josh Marpet, and More on this edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-517
