Security Weekly Podcast Network (Audio)

Segment 1: Interview with Mathias Katz What if you had enterprise-grade network security protections traveling with your users' laptops? What if it could be built into the laptop, but still stay safe even if the laptop OS and firmware were entirely compromised? Mathias and his company, Byos have built such a thing, and BOY do we have some questions for him. Segment 2: Interview with Wolfgang Goerlich Addressing the nuanced, nefarious threats of AI Sure, we need to worry about AI prompt injection and AI data leakage, but what about the threats to our BRAINS? Seriously, as we start to have daily conversations with this technology, how are they going to shape how we think? What inherent biases in the training, fine tuning, guardrails, or lack of guardrails are going to affect our decisions or how we work? Wolfgang is concerned about this, so he performed a human/AI experiment. With almost 1000 people partaking in the experiment, the results are sure to be intriguing. Segment 3: This week's enterprise security news Finally, in the enterprise security news, survey results on how folks are feeling about openclaw some hidden drama discovered in KEV updates some new KEV tools is AI replacing traditional code scanning tools? remote code execution in notepad no, not notepad++, NOTEPAD.EXE you know, the one that ships preinstalled on Windows the RSAC innovation sandbox finalists dealing with legacy vulnerabilities Don't accept OpenClaw Mac Minis from strangers! All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-446

Reports on malicious Chrome extensions that spoof AI and steal credentials. Coverage of an SCCM SQL-injection and CISA warning. A rising CVE count and an IRC-based Linux botnet named SSH Stalker. AI-driven memory market shifts and malware using AI APIs for dynamic code. Privacy erosion, TikTok tracking pixels, deepfake takedown rules in India, and legal knots around recordings.

In the security news: Viral AI prompts Things to do in your home security lab I can open your garage door They call me DKnife Beyondtrust RCE Cool AI device Robots need your body Meta is just full of scams, phishing, and malware Claude Opus 4.6 found more than 500 high-severity vulnerabilities Arista next gen firewalls and command injection Secure Boot updates The RCE AMD won't fix and why the article went away End of support means get it off the network Accidentally giving away $44 billion of Bitcoin Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-913

Sandy Carielli, Forrester VP and principal analyst focused on application and product security, discusses preparing for Q-Day and post-quantum readiness. She covers urgency around 2030, regulatory and vendor migration pressures, harvest-now decrypt-later risks, the need for cross-functional teams and procurement questions, and cryptographic agility and proxy strategies for legacy systems.

Idoru, Singapore, Gambling, Smartertools, Ivanti, ZeroDayRat, Twiki, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-554

When it comes to agents and MCPs, the interesting security discussion isn't that they need strong authentication and authorization, but what that authn/z story should look like, where does it get implemented, and who implements it. Dan Moore shares the useful parallels in securing APIs that should be brought into the world of MCPs -- especially because so many are still interacting with APIs. Resources https://stackoverflow.blog/2026/01/21/is-that-allowed-authentication-and-authorization-in-model-context-protocol/ https://fusionauth.io/articles/identity-basics/authorization-models Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-369

Interview Segment - Rob Allen - Clickfix "Clickfix" attacks aren't new, but they're certainly more common these days. Rob Allen joins us to help us understand what they are, why they work on your employees, and how to stop them! We tie it into infostealers and ransomware actors. Plenty of practical recommendations for how to spot and prevent these attacks in your environment, don't miss it! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Interview Segment - Rob Allen - Zero Trust World Threatlocker's 6th annual Zero Trust World event is happening next month! This three day event runs from March 4th through the 6th once again in sunny Orlando, Florida. This year's event is packed with hands-on hacking workshops, competitions, prizes, and keynotes from Marcus Hutchins, and Linus and Luke from Linus Tech Tips. Security Weekly will be there as well, doing live interviews and recording an episode of ESW live! This segment is sponsored by ThreatLocker's annual Zero Trust World. Visit https://securityweekly.com/ztw to learn more about the conference and register with discount code ZTW26ESW! News Segment For this week's enterprise news, we discuss OpenClaw! funding! acquisitions! testing out AI models’ offensive security capabilities more openclaw! the need for more transparency and testing in the vendor space A photobooth service leaks drunken pictures of wedding parties The salty snack that helps server uptime All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-445

Josh Marpet, cybersecurity practitioner and commentator, weighs in on AI agent risks and enterprise defenses. Conversation covers built-in Sysmon in Windows, Looker vulnerabilities and unknown inventory dangers, and malicious OpenClaw skills in AI agents. They also debate convenience versus security and the need for default-deny controls.

They dig into supply-chain sabotage like the Notepad++ update compromise and why update attestation matters. A signed Windows driver that neutralizes EDR gets unpacked. Exposed LLM endpoints and insecure agent designs spark AI security concern. Cyber attacks on VPNs, NAS, and critical infrastructure are examined alongside residential proxy abuse fueling large-scale scanning.

For decades, leadership was judged by outputs such as profit, speed, and results. But the real competitive advantage now lies beneath the surface of your P&L: Your culture, trust, and psychology driving every decision, including cybersecurity. Hacia Atherton, the author of The Billion Dollar Blind$pot, joins Business Security Weekly to discuss the invisible human costs — fear, burnout, disengagement — quietly draining performance. She will discuss the silent costs of outdated leadership and gives you a playbook to fix them for good, including: Self Leadership Psychological Success with Emotional Mastery Co-designing a Culture to Thrive Leaders need to turn emotional intelligence into a measurable business strategy. Because emotional intelligence isn’t optional anymore, it’s operational. Segment Resources: https://www.haciaatherton.com/ https://www.haciaatherton.com/billion-dollar-blindspot https://www.instagram.com/hacia.atherton/ In the leadership and communications segment, CEOs and CISOs differ on AI’s security value and risks, How to strategically balance cybersecurity investments, Succeeding as an Outsider in a Legacy Culture, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-433