Security Weekly Podcast Network (Audio)

Rinoa Poison, a scam-baiting creator who exposes and wastes scammers' time, walks through modern cons. Conversations cover AI-powered scams, tech support and click-fix tricks, and how recovery and fake-site services operate. Practical props, safety setups, red flags, and using AI personas to tie up scammers are highlighted.

They walk through high-speed internet scanning tools and how to chain them into an automated pipeline. Topics include passive recon with Shodan, mass host discovery with ZMap, and application-layer grabs with ZGrab2. They cover service fingerprinting, template-based vulnerability checks, AI-assisted whitebox testing, and orchestrating everything with a Python EdgeScan workflow.

A deep dive into crypto-agility and why swapping algorithms is only the start. They cover inventorying cryptography across systems, prioritizing migrations with C‑BOMs, and practical roadmaps like the PQCC guides. Conversations focus on tooling, automation, vendor coordination, timelines toward 2030, and strategies for mitigating harvest-now, decrypt-later risks.

Rinoa Poison, a scam-baiting creator and podcaster who exposes and disrupts fraud, shares how she started and built a community around elaborate cons. She explains technical setups, staged personas, long-running stings, and the rising role of AI and data aggregation in modern scams. Safety, OPSEC, and when to stop are also discussed.

Erik Nost, a Forrester senior analyst focused on proactive security and exposure management. He breaks down proactive security into visibility, prioritization, and remediation. Discussions cover asset visibility, shrinking zero-day windows, using LLMs responsibly, making business impact machine-readable, and practical tradeoffs in secure code generation.

Kara Sprague, CEO of HackerOne and bug bounty expert, explains how AI and researcher communities can help secure aging critical infrastructure. Mike Prevett, founder of Return on Security and market-intel writer, breaks down the current cybersecurity market, funding shifts, and how AI is reshaping vendors. Multiple short conversations cover AI triage, vulnerability disclosure programs, market recovery, and who’s buying security now.

A fast rundown of AI-assisted scams and music-streaming fraud that fooled platforms and regulators. Coverage of a fake Zoom call that installs malicious software and a patched SharePoint RCE now on CISA's list. Discussion of vibe hacking tactics, legacy Telnet vulnerabilities, and the risks of AgeID facial‑recognition plans and privacy leaks.

Sergi Àlvarez (Pancake), creator and community leader behind the Radare2 reverse engineering framework, shares his origins in security and why Radare2 became a modular, plugin-first toolkit. He discusses AI-assisted decompilation, defending the project with fuzzing and scans, and upcoming plugins for Unity, Flutter, and React Native. The conversation also covers discovering nine vulnerabilities in low-cost IP KVMs and real-world hardware hacking stories.

Security metrics often fail because they measure activity rather than actual risk, often failing to connect with business impact, making them difficult to explain to boards and executives. How do you build efffective metrics that are actionable, contextual, and valuable? Ben Wilcox, CTO & CISO at ProArch, joins Business Security Weekly to help us speak the language of the board. Ben will cover how to develop measurable, strategic, and AI-ready security metrics. In the leadership and communications segment, Only 30 minutes per quarter on cyber risk: Why CISO-board conversations are falling short, When the Team Gets the Recognition, Your Leadership Is Working, The communication lesson that changed my career, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-439

Reports on malware delivered through Steam updates and a malware strain targeting developers to enable supply-chain attacks. Coverage of a wipe incident using compromised Intune admin access. Discussion of email obfuscation tricks that defeat NLP defenses and a Samsung app causing drive access errors. Stories about Waymo vandalism and debates over a new adult 'spicy' AI mode.